b87bcb057cbf11ba76bb984bf82a1816e172d7d612ae4177771f57b94052adfb

Analysis

max time kernel
112s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 22:24

Target

1e5f3b21d289c05aed72ab92f7112f82.exe
Size

156KB
MD5

1e5f3b21d289c05aed72ab92f7112f82
SHA1

2a18c4acf54662ef9de42dbb961027214e736712
SHA256

b87bcb057cbf11ba76bb984bf82a1816e172d7d612ae4177771f57b94052adfb
SHA512

b14c9e24e9e907f1ef43e22c729624438dcec5d62508422145e8837ee92122cbeaf7b86c2a32d21a6f96586f087f9766c373ae02a43391fdf6b6dc0c835a3490
SSDEEP

3072:UNMtgS4aZhJdxKPE+vgu36MN9vqKyHjm6I1JDVOc29oE5j4oQT:Um7d0zvhqMN9vgjm6ILDVOVd

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4840	1220	WerFault.exe	16

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1220	1e5f3b21d289c05aed72ab92f7112f82.exe

C:\Users\Admin\AppData\Local\Temp\1e5f3b21d289c05aed72ab92f7112f82.exe
"C:\Users\Admin\AppData\Local\Temp\1e5f3b21d289c05aed72ab92f7112f82.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1220
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1220 -s 464
  2⤵
  - Program crash
  PID:4840

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1220 -ip 1220
1⤵
PID:2468