3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212

Analysis

max time kernel
135s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
05-06-2023 05:56

Target

3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
Size

199KB
MD5

ade9d41bc7390202584d1282aa3fe49e
SHA1

ca99ab8911cfcb730532eb4a8e47a00d4111a441
SHA256

3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212
SHA512

3a56d9a22051641dc28fe027ef3855600f92c75cdb473f9fbf0a434c8e856c07bbfba570327c52ed1fdb7f84c0841ae633503ca73024e73ca9d76710faa7c64e
SSDEEP

3072:ymhFlEiEuuo6QW/+17Eq6tVv9rv81gfECQ:ymhFlEQuN+TOlC

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4296 4528 WerFault.exe 3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe

pid process

4528 3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe

pid	pid_target	process	target process
4296	4528	WerFault.exe	3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe

pid	process
4528	3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe

C:\Users\Admin\AppData\Local\Temp\3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
"C:\Users\Admin\AppData\Local\Temp\3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4528

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4528 -s 424
2⤵
- Program crash
PID:4296

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4528 -ip 4528
1⤵
PID:2240