d090d6a32bb785858e6370f074b9ef655a09123de2c229ec915208b1debde48a

Analysis

max time kernel
31s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
27/03/2023, 19:44

Target

Device/HarddiskVolume4/Users/FahadAli/Documents/photoshop/PS2018.x64/Crack/Adobe CC 2015.5 XFORCE Ac.exe
Size

3.0MB
MD5

bcf6b1257bf4446e5e7f2eb425a7c37d
SHA1

1af6e4b3850eacaf5b3a4268865aa22da8f2b0cd
SHA256

a041aa40a680dc9cbb16f88d644d67d117a32964594b017841268d946c43b0b9
SHA512

830e0be5486fb305ebda04f2c5beb350768ffb15078e8017c2ad99f2d38af1503b10c6e896fbc066d746e80017a45e70d48eb493cf8e780b22d81dd928a3f1f4
SSDEEP

49152:C6K5jklYtHtq4653A5T/mNiKpcYTwY7Nh4rhQZ:CtZ5tGK7mLBL

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1388	1380	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1380 wrote to memory of 1388	1380	Adobe CC 2015.5 XFORCE Ac.exe	28
PID 1380 wrote to memory of 1388	1380	Adobe CC 2015.5 XFORCE Ac.exe	28
PID 1380 wrote to memory of 1388	1380	Adobe CC 2015.5 XFORCE Ac.exe	28
PID 1380 wrote to memory of 1388	1380	Adobe CC 2015.5 XFORCE Ac.exe	28

C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume4\Users\FahadAli\Documents\photoshop\PS2018.x64\Crack\Adobe CC 2015.5 XFORCE Ac.exe
"C:\Users\Admin\AppData\Local\Temp\Device\HarddiskVolume4\Users\FahadAli\Documents\photoshop\PS2018.x64\Crack\Adobe CC 2015.5 XFORCE Ac.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1380
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1380 -s 204
  2⤵
  - Program crash
  PID:1388