acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf

Analysis

max time kernel
141s
max time network
125s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
23/10/2023, 14:29

Target

acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf.exe
Size

327KB
MD5

d17146cb57574a4c981b2dc5bfe8d2f0
SHA1

8113f832f3807c8c3c60642f782c77d85c3b57a5
SHA256

acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf
SHA512

a3dfe31c4bf7cb1fa51f8309d8086f085b765c16b8e8759111f5c4ae09080e9a1e2a0125d2fd71801a88b4b9c16dba3e030a9d4de9b840f54281e85223124ac4
SSDEEP

6144:Ykxza7ALLvWwG2iAP+S7BhJC0k4aZudoWi3mriawF+Qva8qTvwjQd8:Zx+f956h7XQ0cs9FGZF5vXsd8

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2140 wrote to memory of 2432	2140	acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf.exe	29
PID 2140 wrote to memory of 2432	2140	acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf.exe	29
PID 2140 wrote to memory of 2432	2140	acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf.exe	29

C:\Users\Admin\AppData\Local\Temp\acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf.exe
"C:\Users\Admin\AppData\Local\Temp\acbdbcdfc2e3cd4c1b6ad00186427d09f93e0d36d6b9042010805e55e86bddcf.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2140
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2140 -s 36
  2⤵
  PID:2432

memory/2140-0-0x0000000000400000-0x0000000000454000-memory.dmp

Filesize
336KB

Download