f2fc1ba3ecaa4ff4d05a04bc55a667da909b5cf544980d96aae334e5b65d0f33

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13/10/2023, 20:03 UTC

Target

NEAS.2c75fec0f8d2bcdaaba97674d8b8cdc0.exe
Size

192KB
MD5

2c75fec0f8d2bcdaaba97674d8b8cdc0
SHA1

8bb5cc20a2086d5b08e7399c3005d8771b78b07f
SHA256

f2fc1ba3ecaa4ff4d05a04bc55a667da909b5cf544980d96aae334e5b65d0f33
SHA512

b9b55e6625f65c18fbf5d533dfca67617f3e06306fd9cc4970502b04c7a75a26c533be223f624fceefa570dffadac399c79a2973791c458ad329e910aac9be2d
SSDEEP

1536:XJ/ZhdMwMIpz6T/XTSLWhw5PboEymE6f:XJ/ZhdMwMIpz6T/XTDhw5Pc+E6

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1744	2208	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 1744	2208	NEAS.2c75fec0f8d2bcdaaba97674d8b8cdc0.exe	28
PID 2208 wrote to memory of 1744	2208	NEAS.2c75fec0f8d2bcdaaba97674d8b8cdc0.exe	28
PID 2208 wrote to memory of 1744	2208	NEAS.2c75fec0f8d2bcdaaba97674d8b8cdc0.exe	28
PID 2208 wrote to memory of 1744	2208	NEAS.2c75fec0f8d2bcdaaba97674d8b8cdc0.exe	28

C:\Users\Admin\AppData\Local\Temp\NEAS.2c75fec0f8d2bcdaaba97674d8b8cdc0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.2c75fec0f8d2bcdaaba97674d8b8cdc0.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2208
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2208 -s 36
  2⤵
  - Program crash
  PID:1744