c4d2b91156d1725d9181f68cc0448bb7c42e518cc5e0b5e50f70a37f35582940

Analysis

max time kernel
153s
max time network
189s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30-12-2023 06:05

Target

10a5be26d5509b817686da2ad45494b9.exe
Size

29KB
MD5

10a5be26d5509b817686da2ad45494b9
SHA1

1e236c478f2498d5c333183503f9116bf1ab1cc9
SHA256

c4d2b91156d1725d9181f68cc0448bb7c42e518cc5e0b5e50f70a37f35582940
SHA512

ae22405e5e1318e9cbe239fdd1a1e32612cdaa2098ec809523641409fb16b797f94e2ed15451e42977c81ab881ed2a1cea6d3437e90b60a821e96bf393097d57
SSDEEP

384:MUW17puBWRT3Y1oCIK79LG4cwo8ZCVt4phZdeffIRl5XWfkK7/5NP4+WAQwYK8QY:Ir34oq7/o8ZMtQhmfgiThBlBQwYVElM

Score

3^/10

Program crash 2 IoCs

pid	pid_target	Process	procid_target
1280	2244	WerFault.exe	90
4884	2244	WerFault.exe	90

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 1280	2244	10a5be26d5509b817686da2ad45494b9.exe	96
PID 2244 wrote to memory of 1280	2244	10a5be26d5509b817686da2ad45494b9.exe	96
PID 2244 wrote to memory of 1280	2244	10a5be26d5509b817686da2ad45494b9.exe	96

C:\Users\Admin\AppData\Local\Temp\10a5be26d5509b817686da2ad45494b9.exe
"C:\Users\Admin\AppData\Local\Temp\10a5be26d5509b817686da2ad45494b9.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2244 -s 224
  2⤵
  - Program crash
  PID:1280
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2244 -s 224
  2⤵
  - Program crash
  PID:4884

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 192 -p 2244 -ip 2244
1⤵
PID:4824