1e5a0f2ea1022ff0332000c46ae56c60d7ca695aba8642831fb537986467a9ae

Analysis

max time kernel
142s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
22-07-2023 22:45

Target

624-54-0x0000000000400000-0x0000000000465000-memory.exe
Size

404KB
MD5

17d932789cd4de10f93580356ab3f0a5
SHA1

e0ed446cbba084b3dc9068821389d45a0da6e1c5
SHA256

1e5a0f2ea1022ff0332000c46ae56c60d7ca695aba8642831fb537986467a9ae
SHA512

17a926dcafb03547f32208c73075e2875f69c4b7437da258e6da657ebf84adfd5d74a0a7075790869bac492497c77b05feec192107737de925545c9e4a5bbda5
SSDEEP

12288:z4nR3kPIypkuFRjZBBVZg748xZBdff+fQol:zcL4d3BVPiBdOfN

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

3844 1244 WerFault.exe 624-54-0x0000000000400000-0x0000000000465000-memory.exe

pid	pid_target	process	target process
3844	1244	WerFault.exe	624-54-0x0000000000400000-0x0000000000465000-memory.exe

C:\Users\Admin\AppData\Local\Temp\624-54-0x0000000000400000-0x0000000000465000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\624-54-0x0000000000400000-0x0000000000465000-memory.exe"
1⤵
PID:1244
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1244 -s 216
  2⤵
  - Program crash
  PID:3844

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 1244 -ip 1244
1⤵
PID:2536