61768a6ad48483848b67305215f24ff41230ca43523013cbbbb71837e2e3e896

Analysis

max time kernel
117s
max time network
120s
platform
windows7_x64
resource
win7-20231025-en
resource tags

arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
submitted
11/11/2023, 12:16

Target

NEAS.f8be453263d5f072d1edfda47e09f010.exe
Size

228KB
MD5

f8be453263d5f072d1edfda47e09f010
SHA1

c5cba572992a8776fbfdb8687e553e902bad8003
SHA256

61768a6ad48483848b67305215f24ff41230ca43523013cbbbb71837e2e3e896
SHA512

6de77f515e5e1fcac463dfcfc29410d1791679ecf347d749241b0ed681f6643e3d773697a6ee56f163393c7d44e0f13879c1fbf3da8250b1692bb3c5c14b2ce8
SSDEEP

1536:W6uhKeO7NPHLDyqzFM8GuN/MMQemYd5RQDDbEyRCRRRoR4Rk:5uABDyqBM83/lj1d5ezEy032ya

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process
2356	2204	WerFault.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2204 wrote to memory of 2356	2204	NEAS.f8be453263d5f072d1edfda47e09f010.exe	14
PID 2204 wrote to memory of 2356	2204	NEAS.f8be453263d5f072d1edfda47e09f010.exe	14
PID 2204 wrote to memory of 2356	2204	NEAS.f8be453263d5f072d1edfda47e09f010.exe	14
PID 2204 wrote to memory of 2356	2204	NEAS.f8be453263d5f072d1edfda47e09f010.exe	14

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2204 -s 36
1⤵
- Program crash
PID:2356

C:\Users\Admin\AppData\Local\Temp\NEAS.f8be453263d5f072d1edfda47e09f010.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.f8be453263d5f072d1edfda47e09f010.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2204

memory/2204-0-0x0000000000400000-0x0000000000439000-memory.dmp

Filesize
228KB

Download