4d45e62dd6a5d3ddbe8c7530f4763fa0c7c6709f1616562a9fcd19e1d7e6b67a

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06-01-2024 06:14

Target

457e8131c1477aa8924370f538613750.exe
Size

84KB
MD5

457e8131c1477aa8924370f538613750
SHA1

b5b23b6001d1a9b26fca7f410647b785cadeb455
SHA256

4d45e62dd6a5d3ddbe8c7530f4763fa0c7c6709f1616562a9fcd19e1d7e6b67a
SHA512

ecdcdbb61fa6f328098078ec92aee57cabc301f9fd44cf0ccb18edda7f56837377068c5300caa89e514665932d79be7af3a7974534819cb2e6f677e214c2fb60
SSDEEP

1536:kTMd1RxoXIy7GArumt2XNndrC+c+XvITrcbT77GLwAt+TEMirsaSiw:kgbxCv7Zt29ndmxavI/So+TEMiAmw

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2104	1384	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1384 wrote to memory of 2104	1384	457e8131c1477aa8924370f538613750.exe	28
PID 1384 wrote to memory of 2104	1384	457e8131c1477aa8924370f538613750.exe	28
PID 1384 wrote to memory of 2104	1384	457e8131c1477aa8924370f538613750.exe	28
PID 1384 wrote to memory of 2104	1384	457e8131c1477aa8924370f538613750.exe	28

C:\Users\Admin\AppData\Local\Temp\457e8131c1477aa8924370f538613750.exe
"C:\Users\Admin\AppData\Local\Temp\457e8131c1477aa8924370f538613750.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1384
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1384 -s 68
  2⤵
  - Program crash
  PID:2104