e33b6a53aa28828436a46bd806b55111bc885f5da603d04da558aa3f11f77a2a

Analysis

max time kernel
144s
max time network
120s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 00:01

Target

07e084fb851f428105df2f8fb081c215.exe
Size

173KB
MD5

07e084fb851f428105df2f8fb081c215
SHA1

f7c5254f5edc717c941f7a730f99f5bbdf602748
SHA256

e33b6a53aa28828436a46bd806b55111bc885f5da603d04da558aa3f11f77a2a
SHA512

e3782609ee19e87930d8568c4bcc93ac51961d29980028cc76bfe23e7dffe4819245a3dcaa0093280ee3930f15357c47b7167c0fbae5493dfd575f46fa10506e
SSDEEP

3072:NCSrypcQfS80RGzcfkwQUhSkQ7rawejT3XpqMvvttaxbMDGzn:brxginQUh8fa9T3gMHjWsQ

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
5988	5804	WerFault.exe	14

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5804	07e084fb851f428105df2f8fb081c215.exe
5804	07e084fb851f428105df2f8fb081c215.exe

C:\Users\Admin\AppData\Local\Temp\07e084fb851f428105df2f8fb081c215.exe
"C:\Users\Admin\AppData\Local\Temp\07e084fb851f428105df2f8fb081c215.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:5804
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5804 -s 672
  2⤵
  - Program crash
  PID:5988

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 5804 -ip 5804
1⤵
PID:4744

memory/5804-0-0x0000000000400000-0x0000000000474000-memory.dmp

Filesize
464KB

Download
memory/5804-3-0x0000000000400000-0x0000000000474000-memory.dmp

Filesize
464KB

Download
memory/5804-2-0x00000000006A0000-0x00000000007A0000-memory.dmp

Filesize
1024KB

Download
memory/5804-5-0x0000000000400000-0x0000000000474000-memory.dmp

Filesize
464KB

Download