348adf57fbbe1a8d51bbb49a5fbc4eb27982c71e5af5a9d94ffbe54068a7dec7

Analysis

max time kernel
30s
max time network
34s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
03/04/2023, 18:06

Target

CCV Checker c9.exe
Size

11.2MB
MD5

64a79ec8d1eb98a5e74ad5e7f2767a1b
SHA1

739cdcb919493716ec4e235d07c61aad523ff1b3
SHA256

348adf57fbbe1a8d51bbb49a5fbc4eb27982c71e5af5a9d94ffbe54068a7dec7
SHA512

c860adff65a2c33ac4a9caf28126d6852415d17df6ab5344192ca49f7e33ea9a018929b9e288234c844fed7e92171bee507e2c2d3fdb6524530b1ab576849e43
SSDEEP

196608:8wmW6PWkNmtYw5xHObgcxWqvc2CxXAR2q4kRLCMe+XrrlFgyp/3vBpiZ8eF//4R7:0nn+YwKb+qvcbBq4kRL7rvgypPvXuJFG

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1984	1780	WerFault.exe	27

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1780 wrote to memory of 1984	1780	CCV Checker c9.exe	28
PID 1780 wrote to memory of 1984	1780	CCV Checker c9.exe	28
PID 1780 wrote to memory of 1984	1780	CCV Checker c9.exe	28

C:\Users\Admin\AppData\Local\Temp\CCV Checker c9.exe
"C:\Users\Admin\AppData\Local\Temp\CCV Checker c9.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1780
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1780 -s 92
  2⤵
  - Program crash
  PID:1984