8c49a2ad3fa1c516d18fee4d9328afc76213c5de1473137f36d810da00ae6967

Analysis

max time kernel
155s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2023, 21:23

Target

SecuriteInfo.com.W32.Xpack.E.gen.Eldorado.2694.exe
Size

680KB
MD5

c69d50253cd3e7283fd662b346247a92
SHA1

4b3f6e349c970328d8ef580c055a019de6f4cab7
SHA256

8c49a2ad3fa1c516d18fee4d9328afc76213c5de1473137f36d810da00ae6967
SHA512

5e12b6644dd8607ac71fa4c875563b1c3d3a7e2e3d9e9583669945b88722ed6ebc14a992b7ec9a4b8a03de30ec080ed5013cfd3121a2e5a2667b90a56f4e6808
SSDEEP

12288:TKCcu+Izqr8q38QMprTCx6gzTRBHFB5XWD3D12hsBA:TNcLIzu8q38QMQx6gZBHFrXWD3B2W

Score

3^/10

Program crash 2 IoCs

pid	pid_target	Process	procid_target
3280	4828	WerFault.exe	57
3080	4828	WerFault.exe	57

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.Xpack.E.gen.Eldorado.2694.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.W32.Xpack.E.gen.Eldorado.2694.exe"
1⤵
PID:4828
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 224
  2⤵
  - Program crash
  PID:3280
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 264
  2⤵
  - Program crash
  PID:3080

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 180 -p 4828 -ip 4828
1⤵
PID:2620

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 4828 -ip 4828
1⤵
PID:224

memory/4828-0-0x0000000000400000-0x00000000004AA000-memory.dmp

Filesize
680KB

Download