39cffddb3acf57382ca6e5f642f0f3dae47d02878bafd9ce8cd1098d203d9cc4

Analysis

max time kernel
120s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 14:25

Target

39c27bc01c87d1760afb02b52cace09f.exe
Size

234KB
MD5

39c27bc01c87d1760afb02b52cace09f
SHA1

a4e9c0f6c364662c803f44decacafe98e35eb888
SHA256

39cffddb3acf57382ca6e5f642f0f3dae47d02878bafd9ce8cd1098d203d9cc4
SHA512

4a6e91e340a254e695076535719e4c032f379ed4746c5d0eb4102af9c125569e47408b5eccf8abd6a51f1d38f35a7412e9be80cfe19c48174595b79159f889e9
SSDEEP

3072:ay9HuDuCHj8Ns008bBC/ppGYjRWTY9ZuYMFkVaVQe5nu5xcTHFZqTTeTTTfqTTTN:ayXzbqSY1qYXMfQe5nOUHFZlxy5dL

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2224	836	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 836 wrote to memory of 2224	836	39c27bc01c87d1760afb02b52cace09f.exe	28
PID 836 wrote to memory of 2224	836	39c27bc01c87d1760afb02b52cace09f.exe	28
PID 836 wrote to memory of 2224	836	39c27bc01c87d1760afb02b52cace09f.exe	28
PID 836 wrote to memory of 2224	836	39c27bc01c87d1760afb02b52cace09f.exe	28

C:\Users\Admin\AppData\Local\Temp\39c27bc01c87d1760afb02b52cace09f.exe
"C:\Users\Admin\AppData\Local\Temp\39c27bc01c87d1760afb02b52cace09f.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:836
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 836 -s 136
  2⤵
  - Program crash
  PID:2224