7cdfbc351b55f85f883a4214f79d5b23d60dd70eecbca3e3f173dba3f66e8e06

Analysis

max time kernel
160s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 02:31

Target

0bbcf23d2428a9dc767d5a73da75ca0a.exe
Size

137KB
MD5

0bbcf23d2428a9dc767d5a73da75ca0a
SHA1

4bbee4ab7f5aa3deb834d765709429430b04ebfa
SHA256

7cdfbc351b55f85f883a4214f79d5b23d60dd70eecbca3e3f173dba3f66e8e06
SHA512

c414fb747aa0452760b8d4c310671c757186c18a51f9251e7e5696cd9885cadc67d9fb01d3eec145d33f69ac3865d36537244ac23819e4759c7971b98fb0110b
SSDEEP

3072:/oq75RzVpEizCpdI0Tky7J40fIc+duiA4D5D+yk+eS/fmFRH://3Jyi+Cy1L/zn4D5XYS/+F

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2412	2136	WerFault.exe	14

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2136 wrote to memory of 2412	2136	0bbcf23d2428a9dc767d5a73da75ca0a.exe	15
PID 2136 wrote to memory of 2412	2136	0bbcf23d2428a9dc767d5a73da75ca0a.exe	15
PID 2136 wrote to memory of 2412	2136	0bbcf23d2428a9dc767d5a73da75ca0a.exe	15
PID 2136 wrote to memory of 2412	2136	0bbcf23d2428a9dc767d5a73da75ca0a.exe	15

C:\Users\Admin\AppData\Local\Temp\0bbcf23d2428a9dc767d5a73da75ca0a.exe
"C:\Users\Admin\AppData\Local\Temp\0bbcf23d2428a9dc767d5a73da75ca0a.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2136
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2136 -s 36
  2⤵
  - Program crash
  PID:2412

memory/2136-0-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download
memory/2136-1-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download