37e45b7df07002aecd86c5a367f0d35b31a137bea320c6139c516f806417bb8d

Analysis

max time kernel
143s
max time network
135s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31-12-2023 01:15

Target

4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2.exe
Size

8.3MB
MD5

32e84129eb212073582803e26af05448
SHA1

ba516a0c71caba1ddeb5e02cded878e37c00e514
SHA256

4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2
SHA512

954ed40193539517844104cea48f71716447944fddd38bce4352e6f47ef8623673778fc6e168e62e7180e2c0e912af7c4abd9a228f961cacc6ac95f39d184354
SSDEEP

49152:CQFkF9aPwySd6vTvPMY6stNqQMfrjNsgfqKiNZO5AcEzJXOnsWSU5BD/P1WN/Y0L:CQFObUyrp3ZAFJXOnsWJ5B7P1S/

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2424	320	WerFault.exe	19

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 320 wrote to memory of 2424	320	4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2.exe	28
PID 320 wrote to memory of 2424	320	4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2.exe	28
PID 320 wrote to memory of 2424	320	4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2.exe	28
PID 320 wrote to memory of 2424	320	4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2.exe	28

C:\Users\Admin\AppData\Local\Temp\4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2.exe
"C:\Users\Admin\AppData\Local\Temp\4810c011295889f9d73cb199af4212cb7e74d7b64958f54373cc1f3111056bc2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:320
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 320 -s 884
  2⤵
  - Program crash
  PID:2424

memory/320-1-0x00000000774F0000-0x00000000774F1000-memory.dmp

Filesize
4KB

Download
memory/320-0-0x0000000000400000-0x0000000000C38000-memory.dmp

Filesize
8.2MB

Download
memory/320-3-0x0000000000400000-0x0000000000BEC000-memory.dmp

Filesize
7.9MB

Download
memory/320-2-0x00000000744C0000-0x0000000074BAE000-memory.dmp

Filesize
6.9MB

Download
memory/320-4-0x0000000002D00000-0x0000000002D40000-memory.dmp

Filesize
256KB

Download
memory/320-6-0x0000000000400000-0x0000000000C38000-memory.dmp

Filesize
8.2MB

Download
memory/320-8-0x00000000744C0000-0x0000000074BAE000-memory.dmp

Filesize
6.9MB

Download
memory/320-9-0x0000000002D00000-0x0000000002D40000-memory.dmp

Filesize
256KB

Download