4c3f0c6d45f755933775504d5d6ab8f4d54cadcdd6af1a31a69eb3241cd9e541

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
26-12-2023 09:03

Target

6215acdf5b60484557729fbcd8b0c98b.exe
Size

88KB
MD5

6215acdf5b60484557729fbcd8b0c98b
SHA1

5cb668b9703613c0d16072153af0bd74c0187efb
SHA256

4c3f0c6d45f755933775504d5d6ab8f4d54cadcdd6af1a31a69eb3241cd9e541
SHA512

60ad93c4dc52fe2e3b7b402dbf28d1979eec2c6a29c9f7350ec5b6d5fc86a9b4cd6f61f82c0ccb294492a0b2406cd158063ed2b958238579ec1b1f22444e9ec5
SSDEEP

1536:tMTXfnXzKiPivckT7aNxhBs+BTf8o5VkJDjCCGzJkXN5:ynDFavPT70xhBs+9fvaHGzJk95

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2192	2360	WerFault.exe	1

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2360	6215acdf5b60484557729fbcd8b0c98b.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 2192	2360	6215acdf5b60484557729fbcd8b0c98b.exe	28
PID 2360 wrote to memory of 2192	2360	6215acdf5b60484557729fbcd8b0c98b.exe	28
PID 2360 wrote to memory of 2192	2360	6215acdf5b60484557729fbcd8b0c98b.exe	28
PID 2360 wrote to memory of 2192	2360	6215acdf5b60484557729fbcd8b0c98b.exe	28

C:\Users\Admin\AppData\Local\Temp\6215acdf5b60484557729fbcd8b0c98b.exe
"C:\Users\Admin\AppData\Local\Temp\6215acdf5b60484557729fbcd8b0c98b.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2360 -s 224
  2⤵
  - Program crash
  PID:2192