10cb4396051f6dc4d46c66fedd34070dcd31db9332d4c6824abb7a060d4924a9

Analysis

max time kernel
119s
max time network
124s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
11/11/2023, 18:58

Target

NEAS.43f374cf15e88eaa3b0709c322464340.exe
Size

188KB
MD5

43f374cf15e88eaa3b0709c322464340
SHA1

87f44659609ca7038c54ec57662a6d9d3216c617
SHA256

10cb4396051f6dc4d46c66fedd34070dcd31db9332d4c6824abb7a060d4924a9
SHA512

8e004d6578ad05a490a79ab60ea5cc7ae7377f7ae68221617043c57561667f6c2c2d004ade2fbcecf578135b9c8300f97b02731be76938f24c3e38eca877ee54
SSDEEP

768:oJEA+elap4nNM8+R6N5HzHa86fsWC/EVrMLF8L/1H5:oJ7+eltm8Y6jHO86s/EVku9

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2364	2228	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 2364	2228	NEAS.43f374cf15e88eaa3b0709c322464340.exe	28
PID 2228 wrote to memory of 2364	2228	NEAS.43f374cf15e88eaa3b0709c322464340.exe	28
PID 2228 wrote to memory of 2364	2228	NEAS.43f374cf15e88eaa3b0709c322464340.exe	28
PID 2228 wrote to memory of 2364	2228	NEAS.43f374cf15e88eaa3b0709c322464340.exe	28

C:\Users\Admin\AppData\Local\Temp\NEAS.43f374cf15e88eaa3b0709c322464340.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.43f374cf15e88eaa3b0709c322464340.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2228 -s 36
  2⤵
  - Program crash
  PID:2364

memory/2228-0-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download