23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
23/09/2023, 04:07

Target

23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840.exe
Size

1.8MB
MD5

9dcabcd721fd7404e3a5256a7205e79e
SHA1

4113b03e3101205d9b8b20708979e50ef0fc3448
SHA256

23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840
SHA512

e4d88021f4a93f0c1bb8d1c9d20183afed0ae2dd5db5f919fa64b8d9f23a436c61b7c5cf458ea3a3289f67b180c6d60b64b4265a1337af709abe160c0067707c
SSDEEP

24576:PkiEduvpW0TW16qKCtSdfRxoL4qUTHCH0WWzPB2EJFZQ7IiE8wq3N8VIr0:PkXu216HDq0L2UFZQlL3aM0

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process
1744	2208	WerFault.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 1744	2208	23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840.exe	1
PID 2208 wrote to memory of 1744	2208	23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840.exe	1
PID 2208 wrote to memory of 1744	2208	23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840.exe	1
PID 2208 wrote to memory of 1744	2208	23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840.exe	1

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2208 -s 200
1⤵
- Program crash
PID:1744

C:\Users\Admin\AppData\Local\Temp\23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840.exe
"C:\Users\Admin\AppData\Local\Temp\23de8ef1877192c5a0a6160aa5d11f9fb392af55bec9d626efdaf509d06e0840.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2208