fc320db42d5590a8ca9d2537e772dba6f7c355e0e676506149b79f593cf8c50f

Analysis

max time kernel
145s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
02/01/2024, 17:48

Target

3e9d5cad9083305171a8507acff9e06f.exe
Size

14KB
MD5

3e9d5cad9083305171a8507acff9e06f
SHA1

da34d9189db1125c51fe5a837abcda80c651bf2e
SHA256

fc320db42d5590a8ca9d2537e772dba6f7c355e0e676506149b79f593cf8c50f
SHA512

ecf928dc6364cdcad08d0849822e77843a3a0ca80059c91352be5ec50e219ebd84e5a1ed2406c781bfd9e0559689263eb5d30cde5a86efbdc460fc3a2509c4f7
SSDEEP

192:di+k3o/0qA7TBpLeP1oynacHPUWSPACmmCrQPh3ptEn75SIiMiTtVMcQ4svwv:4+k3o8tPLI1xHP/wCrQP3iNvXiBOcGv+

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 732 set thread context of 3152	732	3e9d5cad9083305171a8507acff9e06f.exe	89

Program crash 1 IoCs

pid	pid_target	Process	procid_target
5076	3152	WerFault.exe	89

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 732 wrote to memory of 3152	732	3e9d5cad9083305171a8507acff9e06f.exe	89
PID 732 wrote to memory of 3152	732	3e9d5cad9083305171a8507acff9e06f.exe	89
PID 732 wrote to memory of 3152	732	3e9d5cad9083305171a8507acff9e06f.exe	89
PID 732 wrote to memory of 3152	732	3e9d5cad9083305171a8507acff9e06f.exe	89
PID 732 wrote to memory of 3152	732	3e9d5cad9083305171a8507acff9e06f.exe	89
PID 732 wrote to memory of 3152	732	3e9d5cad9083305171a8507acff9e06f.exe	89

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 3152 -ip 3152
1⤵
PID:5056

memory/3152-0-0x0000000000400000-0x0000000000402000-memory.dmp

Filesize
8KB

Download
memory/3152-2-0x0000000000400000-0x0000000000402000-memory.dmp

Filesize
8KB

Download