cb7221c10137348f87d879f44fe9c91624aa6e11ec5425a43f5a9c2a1360f47a

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
01/01/2024, 13:38

Target

3cfee0a92725ac8a7566a44e1da5f171.exe
Size

132KB
MD5

3cfee0a92725ac8a7566a44e1da5f171
SHA1

1fe92df35d50e224e515fa88fb7cbb21264c94d8
SHA256

cb7221c10137348f87d879f44fe9c91624aa6e11ec5425a43f5a9c2a1360f47a
SHA512

b9abfad85aa3fbf688f0a9b57cb29be931897da51cdd6d0e3e849dba40f9fb1ddd60dd70b906c3d946dcddc73489f84f8da5c2845f84daf3430d4cc18e5a7e63
SSDEEP

1536:PMe/YfYwORMwtdk/XjBEQKc715hBVWTnJasT4to9+dpnN2NVTaGyfbbjpaJ:PMcD9RztdslEgZ5DwT4GrMnSV8fzkJ

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process
2212	1712	WerFault.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1712 wrote to memory of 2212	1712	3cfee0a92725ac8a7566a44e1da5f171.exe	14
PID 1712 wrote to memory of 2212	1712	3cfee0a92725ac8a7566a44e1da5f171.exe	14
PID 1712 wrote to memory of 2212	1712	3cfee0a92725ac8a7566a44e1da5f171.exe	14
PID 1712 wrote to memory of 2212	1712	3cfee0a92725ac8a7566a44e1da5f171.exe	14

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1712 -s 36
1⤵
- Program crash
PID:2212

C:\Users\Admin\AppData\Local\Temp\3cfee0a92725ac8a7566a44e1da5f171.exe
"C:\Users\Admin\AppData\Local\Temp\3cfee0a92725ac8a7566a44e1da5f171.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1712