e9805ae348252170f2737bcfbb1a78b36fd48aa4179f85a841d14c5df3528b55

Analysis

max time kernel
122s
max time network
147s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 05:19

Target

077b60cdf2b0921ebbf56d0dfa22eaf5.exe
Size

196KB
MD5

077b60cdf2b0921ebbf56d0dfa22eaf5
SHA1

e1e4fa74323d4711d64ce55f199134c0711f44f4
SHA256

e9805ae348252170f2737bcfbb1a78b36fd48aa4179f85a841d14c5df3528b55
SHA512

3ac27a58457ab4d4d13d0047e92ebfde2711a2ebba336cae6eefa9975eef05827bea4682da00797f1c5728642f2ba80e2278178917ddcdbb9686b495f3331988
SSDEEP

3072:A221r53eBs9hu/cdUb/VjV/iadyYA50a8zeRkgFcb0CLt72:A2GrxeB0MVZV/iaE0aieRkgFcB7

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2656	2216	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 2656	2216	077b60cdf2b0921ebbf56d0dfa22eaf5.exe	28
PID 2216 wrote to memory of 2656	2216	077b60cdf2b0921ebbf56d0dfa22eaf5.exe	28
PID 2216 wrote to memory of 2656	2216	077b60cdf2b0921ebbf56d0dfa22eaf5.exe	28
PID 2216 wrote to memory of 2656	2216	077b60cdf2b0921ebbf56d0dfa22eaf5.exe	28

C:\Users\Admin\AppData\Local\Temp\077b60cdf2b0921ebbf56d0dfa22eaf5.exe
"C:\Users\Admin\AppData\Local\Temp\077b60cdf2b0921ebbf56d0dfa22eaf5.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2216 -s 88
  2⤵
  - Program crash
  PID:2656