da53f58a76a665df7867d8a0b799ff123414b82eea092f0037f3c0822ee07eb8

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 01:00

Target

2272d65a1c4b0971ec37263f268e6719.exe
Size

42KB
MD5

2272d65a1c4b0971ec37263f268e6719
SHA1

9496f6ca00215dd7754e735fef95d832f1422671
SHA256

da53f58a76a665df7867d8a0b799ff123414b82eea092f0037f3c0822ee07eb8
SHA512

acede9c70d0490dc838e9255309ae2c13a0156173be7c541a4eea676685f0fd0542dd2eb11e0bb2e6b71ed735ae732fe02f324982e293ad5a4c5c1313f69b08b
SSDEEP

768:0/HNoI5Yc5GC/RlOfyKi5CIzjFkVxBdrrVAl7WsJLDUbzkVmijzWtm:OyI5GqR8I1zjOvVAl7WsJLobwVvqw

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2512	2040	WerFault.exe	25

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2040 wrote to memory of 2512	2040	2272d65a1c4b0971ec37263f268e6719.exe	28
PID 2040 wrote to memory of 2512	2040	2272d65a1c4b0971ec37263f268e6719.exe	28
PID 2040 wrote to memory of 2512	2040	2272d65a1c4b0971ec37263f268e6719.exe	28
PID 2040 wrote to memory of 2512	2040	2272d65a1c4b0971ec37263f268e6719.exe	28

C:\Users\Admin\AppData\Local\Temp\2272d65a1c4b0971ec37263f268e6719.exe
"C:\Users\Admin\AppData\Local\Temp\2272d65a1c4b0971ec37263f268e6719.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2040
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2040 -s 88
  2⤵
  - Program crash
  PID:2512

memory/2040-0-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2040-1-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download