aa66fe562bfcb2505f959966a22b2bbb8bcc7dc3854d45ad006fc9c53fe59b61

Analysis

max time kernel
26s
max time network
31s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
10-07-2023 14:14

Target

c53e331945a07eexeexeexeex.exe
Size

985KB
MD5

c53e331945a07e39ce99aa7489c5e258
SHA1

447905a5f66325a3db0787b2c5278932c0923bbe
SHA256

aa66fe562bfcb2505f959966a22b2bbb8bcc7dc3854d45ad006fc9c53fe59b61
SHA512

23677d4ccd395682bd7215d64a17c8863bacc53ec06906d74ebc69b27cbfc45bd0eabe994ac46d66a01b47579b1cbc34cc89462de867f7634b8afb05cbc4bc70
SSDEEP

24576:orr4FBDn2XkU/bleQfB96gYj+bES1p4dXAP7uRKOHdoiEJak:wr4FBj2LBCj+YY4dwdO9DEJak

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
560	2216	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 560	2216	c53e331945a07eexeexeexeex.exe	28
PID 2216 wrote to memory of 560	2216	c53e331945a07eexeexeexeex.exe	28
PID 2216 wrote to memory of 560	2216	c53e331945a07eexeexeexeex.exe	28
PID 2216 wrote to memory of 560	2216	c53e331945a07eexeexeexeex.exe	28

C:\Users\Admin\AppData\Local\Temp\c53e331945a07eexeexeexeex.exe
"C:\Users\Admin\AppData\Local\Temp\c53e331945a07eexeexeexeex.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2216 -s 36
  2⤵
  - Program crash
  PID:560

memory/2216-54-0x0000000000050000-0x0000000000155000-memory.dmp

Filesize
1.0MB

Download
memory/2216-55-0x0000000000050000-0x0000000000155000-memory.dmp

Filesize
1.0MB

Download
memory/2216-56-0x0000000000050000-0x0000000000155000-memory.dmp

Filesize
1.0MB

Download