9ce74ef74fa220a5be7ead5afffbdfe56bca377f686b12229e820224b3d43080

Analysis

max time kernel
117s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29/12/2023, 21:00

Target

03df9a414f45962e2cec65a871bf2f50.exe
Size

56KB
MD5

03df9a414f45962e2cec65a871bf2f50
SHA1

6c3265b65f120957dfad6e88895849599aa5cfc6
SHA256

9ce74ef74fa220a5be7ead5afffbdfe56bca377f686b12229e820224b3d43080
SHA512

04bf0f8f59825e85a912b8e70edf1a4197c29b009a93749d83677a083df8471f3002f09826cf4e4788db246d9f8711cd4cf5ba828f02a3b99e0d17daf2323f43
SSDEEP

768:leeeefzMABFf49+shghCUKVnsGYdmMsg4Hpl0PbCiprD3bvU37eexMCApN4mU5pd:leeeefQkPo3653YpxMl2jnGkmUb1DH

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2180	2260	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2260 wrote to memory of 2180	2260	03df9a414f45962e2cec65a871bf2f50.exe	28
PID 2260 wrote to memory of 2180	2260	03df9a414f45962e2cec65a871bf2f50.exe	28
PID 2260 wrote to memory of 2180	2260	03df9a414f45962e2cec65a871bf2f50.exe	28
PID 2260 wrote to memory of 2180	2260	03df9a414f45962e2cec65a871bf2f50.exe	28

C:\Users\Admin\AppData\Local\Temp\03df9a414f45962e2cec65a871bf2f50.exe
"C:\Users\Admin\AppData\Local\Temp\03df9a414f45962e2cec65a871bf2f50.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2260
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2260 -s 36
  2⤵
  - Program crash
  PID:2180