d9f108999c536eee300a1de8e05f7bd7d1f8af32acb255f96303c8516a2f5b46

Analysis

max time kernel
170s
max time network
184s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 02:27

Target

0ba3ba35bb0ffe1a473a1182eb6810b7.exe
Size

298KB
MD5

0ba3ba35bb0ffe1a473a1182eb6810b7
SHA1

51f6be165c4e0171633ef45f416184f09f092f5a
SHA256

d9f108999c536eee300a1de8e05f7bd7d1f8af32acb255f96303c8516a2f5b46
SHA512

c9439961e8853f03a40810746fe7567d00ce666c7c58c33dbdb4a3959cc72fa00ac0c483876023103521b75e2787a6f6ca9a3e3f37a70de35b5904b0c414b1dd
SSDEEP

6144:yCRmcObhcgTh5wb4FX6Asn6DZ1EVJnzTF:fRmcOtckXHsn6Z63HF

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1600	1364	WerFault.exe	19

C:\Users\Admin\AppData\Local\Temp\0ba3ba35bb0ffe1a473a1182eb6810b7.exe
"C:\Users\Admin\AppData\Local\Temp\0ba3ba35bb0ffe1a473a1182eb6810b7.exe"
1⤵
PID:1364
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1364 -s 924
  2⤵
  - Program crash
  PID:1600

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1364 -ip 1364
1⤵
PID:1644

memory/1364-0-0x0000000074D70000-0x0000000075520000-memory.dmp

Filesize
7.7MB

Download
memory/1364-1-0x0000000000860000-0x00000000008B0000-memory.dmp

Filesize
320KB

Download
memory/1364-2-0x00000000077C0000-0x000000000785E000-memory.dmp

Filesize
632KB

Download
memory/1364-3-0x0000000005390000-0x00000000053A0000-memory.dmp

Filesize
64KB

Download
memory/1364-4-0x0000000074D70000-0x0000000075520000-memory.dmp

Filesize
7.7MB

Download