afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5

Analysis

max time kernel
120s
max time network
127s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
03/10/2023, 14:56

Target

afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5_JC.exe
Size

35.9MB
MD5

0106919caf23d915b60431115254cab1
SHA1

0738004a741ecf69905c2baef23d66244435686c
SHA256

afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5
SHA512

18140ecf50d0de62eb40b0f58d4a71568561c04a3890306c1ba73aa005fb3c53d8764d1d54337eca0b2c36fc0d136e22e3cefc0475c69d81c1d2b98d34996a98
SSDEEP

49152:gU6BC//nffeF+9H1kuQJBz44JWF6Ry0JB4BJnb4toYlq4L9g5oSeSae0az3YMhut:

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2232 wrote to memory of 2452	2232	afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5_JC.exe	29
PID 2232 wrote to memory of 2452	2232	afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5_JC.exe	29
PID 2232 wrote to memory of 2452	2232	afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5_JC.exe	29

C:\Users\Admin\AppData\Local\Temp\afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5_JC.exe
"C:\Users\Admin\AppData\Local\Temp\afac44f3d45291fc6e6d4baa02c40e917cd251b9cc98956c86f1438a9ffeffc5_JC.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2232
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2232 -s 520
  2⤵
  PID:2452

memory/2232-0-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

Filesize
9.9MB

Download
memory/2232-1-0x0000000000F90000-0x0000000003374000-memory.dmp

Filesize
35.9MB

Download
memory/2232-2-0x000007FEF5680000-0x000007FEF606C000-memory.dmp

Filesize
9.9MB

Download