75ede14150160f688fe5664ccc0578ffeaf9f4dc4031e4aa28e165730cfd3f9a

Analysis

max time kernel
149s
max time network
139s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24-12-2023 19:23

Target

0d2da04f4f38c7908171424a51447a1b.exe
Size

349KB
MD5

0d2da04f4f38c7908171424a51447a1b
SHA1

4baa47595443d182a39fd2ccce5b19dbbb869acd
SHA256

75ede14150160f688fe5664ccc0578ffeaf9f4dc4031e4aa28e165730cfd3f9a
SHA512

063b2261b6def0764c26bf8d382497fa9185fcfa2ca215fd89b6b7d0da048a05ca7ffe6382f93210673fb27281b808281cfae0a72c06506861bd1337a212c6bf
SSDEEP

6144:UqdqF1rdfo4CAbG26by/AN1XghPMKzr4Oj6u0SH7Q94wOrpV3UY5Es5JR:Fd+rOAy26b06xkH007Q94rLtE6

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2120	2268	WerFault.exe	19

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2268 wrote to memory of 2120	2268	0d2da04f4f38c7908171424a51447a1b.exe	28
PID 2268 wrote to memory of 2120	2268	0d2da04f4f38c7908171424a51447a1b.exe	28
PID 2268 wrote to memory of 2120	2268	0d2da04f4f38c7908171424a51447a1b.exe	28
PID 2268 wrote to memory of 2120	2268	0d2da04f4f38c7908171424a51447a1b.exe	28

C:\Users\Admin\AppData\Local\Temp\0d2da04f4f38c7908171424a51447a1b.exe
"C:\Users\Admin\AppData\Local\Temp\0d2da04f4f38c7908171424a51447a1b.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2268
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2268 -s 88
  2⤵
  - Program crash
  PID:2120

memory/2268-0-0x0000000000400000-0x00000000004D4000-memory.dmp

Filesize
848KB

Download