db33a23c42ad74e57561bbf0e469fb43c92f1618d451cd1c422f43d13faa95b2

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
22-12-2023 16:12

Target

eb796c1bc9fb2f49429a65eb8b9d30ad.exe
Size

360KB
MD5

eb796c1bc9fb2f49429a65eb8b9d30ad
SHA1

e8f09b51f6ca5908a33fdeaa43cb266b1a356820
SHA256

db33a23c42ad74e57561bbf0e469fb43c92f1618d451cd1c422f43d13faa95b2
SHA512

8c41641710e68306bd9c9d928a68765f1d06ec869f83f028f22febae703803fe9fecda1324baef9423177322bb0e390d410654ab1fcf246bac1c19091705f4fe
SSDEEP

6144:3j04g8JUI2s77voWH/Skmc0We51awI1AfvkKpxg6hpFA:i8Jn22ToZkm5We5hIyf8Kpxg6hpa

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1728	2256	WerFault.exe	14

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2256 wrote to memory of 1728	2256	eb796c1bc9fb2f49429a65eb8b9d30ad.exe	28
PID 2256 wrote to memory of 1728	2256	eb796c1bc9fb2f49429a65eb8b9d30ad.exe	28
PID 2256 wrote to memory of 1728	2256	eb796c1bc9fb2f49429a65eb8b9d30ad.exe	28
PID 2256 wrote to memory of 1728	2256	eb796c1bc9fb2f49429a65eb8b9d30ad.exe	28

C:\Users\Admin\AppData\Local\Temp\eb796c1bc9fb2f49429a65eb8b9d30ad.exe
"C:\Users\Admin\AppData\Local\Temp\eb796c1bc9fb2f49429a65eb8b9d30ad.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2256
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2256 -s 180
  2⤵
  - Program crash
  PID:1728