342c1a56cfacbf9609456c4e760f8594590f458665ac496d01c9c6b7df9a9fe0

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
21/10/2023, 21:38

Target

NEAS.fe4ad74280c167d2e7d111c0a33853e0.exe
Size

98KB
MD5

fe4ad74280c167d2e7d111c0a33853e0
SHA1

ae15078c028dbd745e2b9d5924c723ebca75538c
SHA256

342c1a56cfacbf9609456c4e760f8594590f458665ac496d01c9c6b7df9a9fe0
SHA512

f09a85ed8cb5cb1da3b88a75488dfefbb81344b74c84b184edbc101bcc368490ff6f916eef2273c516d2c2cdf1eeb5a9da57ed6a090a30dcc446304294679204
SSDEEP

3072:VajpZXmDyhrED344AAAAAAAAAAAAAA+AAAAAAFjAAAAAAdpuQRdrEaeFKPD375lq:VajzXqD+/EaeYr75lHzpaF

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2752	2104	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2104 wrote to memory of 2752	2104	NEAS.fe4ad74280c167d2e7d111c0a33853e0.exe	28
PID 2104 wrote to memory of 2752	2104	NEAS.fe4ad74280c167d2e7d111c0a33853e0.exe	28
PID 2104 wrote to memory of 2752	2104	NEAS.fe4ad74280c167d2e7d111c0a33853e0.exe	28
PID 2104 wrote to memory of 2752	2104	NEAS.fe4ad74280c167d2e7d111c0a33853e0.exe	28

C:\Users\Admin\AppData\Local\Temp\NEAS.fe4ad74280c167d2e7d111c0a33853e0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.fe4ad74280c167d2e7d111c0a33853e0.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2104
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2104 -s 140
  2⤵
  - Program crash
  PID:2752

memory/2104-0-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download
memory/2104-1-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download