4c89b258a901149948a35dc7051684ecebc54cd6c7f8a39ae5d7532f10d79a55

Analysis

max time kernel
140s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2023, 20:36

Target

Cheat Engine 7.4/autorun/dlls/src/Mono/MonoDataCollector/MonoDataCollector.xml
Size

5KB
MD5

005a2f50ab3176d92010be6ddf941655
SHA1

9978e4c49d43172f8855a4748168345f2ca5bff5
SHA256

a73ae1cbf54a722ce9433da14d0600afd504b09f5f681ed4be9c9f5ef0e16a38
SHA512

8ec75f7b33f5c97853b63675621430a4c3975e8d6737a546d5983917e2c5ff17d4b6517fba9d74f0f7c61cf4111f101b1231a97556a09908ec3b5edf843859f2
SSDEEP

96:drlz+71S6oa5zNq5+NtoottAipiwpHipfwp56q3bI4:Zp+skNca8i4whiFwyqb

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2688	1592	WerFault.exe	82

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Cheat Engine 7.4\autorun\dlls\src\Mono\MonoDataCollector\MonoDataCollector.xml"
1⤵
PID:1592
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1592 -s 448
  2⤵
  - Program crash
  PID:2688

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 184 -p 1592 -ip 1592
1⤵
PID:868

memory/1592-134-0x00007FFD632B0000-0x00007FFD634A5000-memory.dmp

Filesize
2.0MB

Download
memory/1592-133-0x00007FFD23330000-0x00007FFD23340000-memory.dmp

Filesize
64KB

Download
memory/1592-135-0x00007FFD632B0000-0x00007FFD634A5000-memory.dmp

Filesize
2.0MB

Download
memory/1592-136-0x00007FFD60AD0000-0x00007FFD60D99000-memory.dmp

Filesize
2.8MB

Download
memory/1592-137-0x00007FFD23330000-0x00007FFD23340000-memory.dmp

Filesize
64KB

Download
memory/1592-138-0x00007FFD632B0000-0x00007FFD634A5000-memory.dmp

Filesize
2.0MB

Download