05ff2fd43da435b2efdaff826aacc0b58333ecd05cef50ed96af3ee0e8d510c5

Analysis

max time kernel
175s
max time network
201s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 09:30

Target

63fc471b5113009dc09221ae0e965338.exe
Size

649KB
MD5

63fc471b5113009dc09221ae0e965338
SHA1

8159a6be07f048651005a4d73da05e50ada5fbb7
SHA256

05ff2fd43da435b2efdaff826aacc0b58333ecd05cef50ed96af3ee0e8d510c5
SHA512

59cd87c6e7961cbaaad07be0c5228d5667300c297a1bcfe520134ccd2e897c8d84b8f43b8da68eba90d93ca0dc3151f48f88b9edfc8bfa46eaadd6c0fdd3a064
SSDEEP

12288:IqZ0ZaOoVn4c5j3vTM/PkGNg3p+bT1nOMLhho2e1/iu99qduL86AKV3NeamthKy7:cg573vT6PkOjbpZhyF/iur/L86AKV3NM

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2192	4280	WerFault.exe	87

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
4280	63fc471b5113009dc09221ae0e965338.exe

C:\Users\Admin\AppData\Local\Temp\63fc471b5113009dc09221ae0e965338.exe
"C:\Users\Admin\AppData\Local\Temp\63fc471b5113009dc09221ae0e965338.exe"
1⤵
- Suspicious use of UnmapMainImage
PID:4280
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4280 -s 552
  2⤵
  - Program crash
  PID:2192

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4280 -ip 4280
1⤵
PID:1552

memory/4280-0-0x0000000002220000-0x000000000223F000-memory.dmp

Filesize
124KB

Download
memory/4280-1-0x0000000000400000-0x00000000004A2000-memory.dmp

Filesize
648KB

Download