cbf5c51ba26fc8fb53b25faef5748a7e13c5ebc39c0a1f2c00c1644469b9fcbc

Analysis

max time kernel
118s
max time network
125s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
02/08/2023, 21:26

Target

Delta V3.56/Delta.exe
Size

17.0MB
MD5

eae8863a337c042193c0faf27daf1a64
SHA1

027c092f79bdbbc9bda891917f8d4258313fbce9
SHA256

bcc5a811c734fceb0c6468e2260229c46fb9ac79de91c7c81b4478e7f008b8cb
SHA512

dd3db5c8d9bdf8f9ff50ab31276a0f8cd07acd85708ea7eeabe25ccc7276f52409abe5ace2b91260865e5e5b1edc993886911bb2d489b56091201936df01b846
SSDEEP

196608:QOM8QZXcqPrn0guhegnueaIN3l4X+yBXeLUpcgwBj9aR:QOM8EmegnBaS1C+yBaUpcgwBj0

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1728	2216	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 1728	2216	Delta.exe	28
PID 2216 wrote to memory of 1728	2216	Delta.exe	28
PID 2216 wrote to memory of 1728	2216	Delta.exe	28
PID 2216 wrote to memory of 1728	2216	Delta.exe	28

C:\Users\Admin\AppData\Local\Temp\Delta V3.56\Delta.exe
"C:\Users\Admin\AppData\Local\Temp\Delta V3.56\Delta.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2216 -s 808
  2⤵
  - Program crash
  PID:1728

memory/2216-54-0x0000000073C50000-0x000000007433E000-memory.dmp

Filesize
6.9MB

Download
memory/2216-55-0x0000000000140000-0x0000000001244000-memory.dmp

Filesize
17.0MB

Download
memory/2216-56-0x0000000005F40000-0x0000000005F80000-memory.dmp

Filesize
256KB

Download
memory/2216-57-0x0000000005F40000-0x0000000005F80000-memory.dmp

Filesize
256KB

Download
memory/2216-58-0x00000000014D0000-0x00000000014DA000-memory.dmp

Filesize
40KB

Download
memory/2216-59-0x0000000073C50000-0x000000007433E000-memory.dmp

Filesize
6.9MB

Download
memory/2216-60-0x0000000005F40000-0x0000000005F80000-memory.dmp

Filesize
256KB

Download