71522ad06bb78362e4283e1fe0ece19aa7e8a1f003feb15c0eea0b63a42387b8

Analysis

max time kernel
142s
max time network
135s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
19-07-2023 07:59

Target

高游自动更新服务器端.exe
Size

42KB
MD5

fe3ef5a9f50c8511520725f0afa9bd14
SHA1

c265cae7632c5169ed8e78009718d314556e7557
SHA256

71522ad06bb78362e4283e1fe0ece19aa7e8a1f003feb15c0eea0b63a42387b8
SHA512

a8b519c7cc40665ef200457d6133646a4d3681ab6789035a84af604f1226462d008d119ed0af1ebf789581d92115aa2aa92cb41efb8e15cc40d2ffc35a061be9
SSDEEP

768:VCFgQtyjhpJdmnD5yuMvmdWx1p6vEyhDbtD222+2cMvmdW:EFgvmDbtD2xN

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4604	4472	WerFault.exe	83

C:\Users\Admin\AppData\Local\Temp\高游自动更新服务器端.exe
"C:\Users\Admin\AppData\Local\Temp\高游自动更新服务器端.exe"
1⤵
PID:4472
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4472 -s 1048
  2⤵
  - Program crash
  PID:4604

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4472 -ip 4472
1⤵
PID:3444

memory/4472-134-0x0000000074570000-0x0000000074D20000-memory.dmp

Filesize
7.7MB

Download
memory/4472-133-0x0000000000550000-0x0000000000560000-memory.dmp

Filesize
64KB

Download
memory/4472-135-0x0000000005620000-0x0000000005BC4000-memory.dmp

Filesize
5.6MB

Download
memory/4472-136-0x0000000004F60000-0x0000000004FF2000-memory.dmp

Filesize
584KB

Download
memory/4472-137-0x0000000005220000-0x0000000005230000-memory.dmp

Filesize
64KB

Download
memory/4472-138-0x0000000004F50000-0x0000000004F5A000-memory.dmp

Filesize
40KB

Download
memory/4472-139-0x0000000074570000-0x0000000074D20000-memory.dmp

Filesize
7.7MB

Download