da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d

Analysis

max time kernel
117s
max time network
129s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
12/10/2023, 05:38

Target

da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d.exe
Size

1.8MB
MD5

6a079e75af8c77770b471a26e978a298
SHA1

7954e161de0efb110911a4c7554d456b52eaaf95
SHA256

da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d
SHA512

4511fb73c77599458c28def99675a91901b9041717f2382d9cef0afebb3a2cfc586c8d0591e7d130c087e2d6dc78fd1f506e484663203b4fe6f4eeeac6f3847f
SSDEEP

49152:vuQqJ4djB9caTytwC+a/g6jSHHbd0z4tFsab6DtFM:GIjDciy2C+0gwm7dgCTb6

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1996	2428	WerFault.exe	1

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2428 wrote to memory of 1996	2428	da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d.exe	28
PID 2428 wrote to memory of 1996	2428	da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d.exe	28
PID 2428 wrote to memory of 1996	2428	da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d.exe	28
PID 2428 wrote to memory of 1996	2428	da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d.exe	28

C:\Users\Admin\AppData\Local\Temp\da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d.exe
"C:\Users\Admin\AppData\Local\Temp\da2eab0cd5099a97f1f5f342527ad20f8cf5ac9a90e25663ba779974d5a42a2d.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2428
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2428 -s 196
  2⤵
  - Program crash
  PID:1996