9251a9f9240332623176673862fb06d4b9b0bf9c2ea20f041fa85e2ea7ae041a

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
28/12/2023, 22:18

Target

fc541d6055bb3eb6c4cc026edbd9517e.exe
Size

6KB
MD5

fc541d6055bb3eb6c4cc026edbd9517e
SHA1

676fa4e41c0d536f51d5cfd706d5ad78bee5e568
SHA256

9251a9f9240332623176673862fb06d4b9b0bf9c2ea20f041fa85e2ea7ae041a
SHA512

531dcb0500deb56afc74c8f23e54e71ebd54a36ede2ce9ed03007d12c3cc1e61f325aa4c3ee99eafc4b8dcc4518e5810c618fc8a718973c3cfd3b58eb20cae86
SSDEEP

48:Skbt0S4FVgCp471Ib4Fc/38+N7DYocHa23WlTpebVetFygFI5a2oxdVoZiG/9uaO:10mIGnFc/38+N4ZHJWSY9FI5Wq7x

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2536 wrote to memory of 1184	2536	fc541d6055bb3eb6c4cc026edbd9517e.exe	23
PID 2536 wrote to memory of 1184	2536	fc541d6055bb3eb6c4cc026edbd9517e.exe	23
PID 2536 wrote to memory of 1184	2536	fc541d6055bb3eb6c4cc026edbd9517e.exe	23

C:\Users\Admin\AppData\Local\Temp\fc541d6055bb3eb6c4cc026edbd9517e.exe
"C:\Users\Admin\AppData\Local\Temp\fc541d6055bb3eb6c4cc026edbd9517e.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2536
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2536 -s 32
  2⤵
  PID:1184