2da9d87c22a365a4d7c192cdd094da2d140d45ec3912b4036a7ee3d59cb7ac45

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
01/11/2023, 14:14

Target

NEAS.8752d699059f2b4edd0e9f69e676e530.exe
Size

204KB
MD5

8752d699059f2b4edd0e9f69e676e530
SHA1

14edba8922d1b126e286a490ab0c5b865469e4a9
SHA256

2da9d87c22a365a4d7c192cdd094da2d140d45ec3912b4036a7ee3d59cb7ac45
SHA512

10ec43abc4a5dc03db7903b6307edc53615579f05384c91cc744825ff46375f358f7a15c7742cd9009ac9ed3c8df5fd5a7f883386baf904227523a49974e82fe
SSDEEP

768:74JkgqVkCkCf5i5hYYBViUPlpOl/JdAnmexges0QLEST/1H5tXdnhg:PyCkm5i55BJIl/J6nfgOQwShx

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1112	2848	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2848 wrote to memory of 1112	2848	NEAS.8752d699059f2b4edd0e9f69e676e530.exe	28
PID 2848 wrote to memory of 1112	2848	NEAS.8752d699059f2b4edd0e9f69e676e530.exe	28
PID 2848 wrote to memory of 1112	2848	NEAS.8752d699059f2b4edd0e9f69e676e530.exe	28
PID 2848 wrote to memory of 1112	2848	NEAS.8752d699059f2b4edd0e9f69e676e530.exe	28

C:\Users\Admin\AppData\Local\Temp\NEAS.8752d699059f2b4edd0e9f69e676e530.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.8752d699059f2b4edd0e9f69e676e530.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2848
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2848 -s 36
  2⤵
  - Program crash
  PID:1112

memory/2848-0-0x0000000000400000-0x0000000000433000-memory.dmp

Filesize
204KB

Download