95a2eebecc4b9a42ab2bb1d3dcc91f685efdb695ca2807dca5cd36d4904916a3

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
11-01-2024 23:17

Target

54db54465901bfcc9b3ccf9f3f5adfdf.exe
Size

367KB
MD5

54db54465901bfcc9b3ccf9f3f5adfdf
SHA1

1e8133026f17ab645666ecdc5bbbd0b586582396
SHA256

95a2eebecc4b9a42ab2bb1d3dcc91f685efdb695ca2807dca5cd36d4904916a3
SHA512

b94ace19408f19843263f1bdb57037a0d10cc4e828a3c9fde0f14f7dc131c613a1639e4bb81bba8ecb542da51c0ff36a687911a1d5a5c4a87460f4b8747feb2b
SSDEEP

6144:rpEcAd/Mm5ZkyUneRTnJOmQ4W4/6zA5K0TzJRCp4xRvKUllD/W13+h:rTAOm5eyUnJmCzAXTzJR3RvK6lCwh

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2032	2236	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 2032	2236	54db54465901bfcc9b3ccf9f3f5adfdf.exe	28
PID 2236 wrote to memory of 2032	2236	54db54465901bfcc9b3ccf9f3f5adfdf.exe	28
PID 2236 wrote to memory of 2032	2236	54db54465901bfcc9b3ccf9f3f5adfdf.exe	28
PID 2236 wrote to memory of 2032	2236	54db54465901bfcc9b3ccf9f3f5adfdf.exe	28

C:\Users\Admin\AppData\Local\Temp\54db54465901bfcc9b3ccf9f3f5adfdf.exe
"C:\Users\Admin\AppData\Local\Temp\54db54465901bfcc9b3ccf9f3f5adfdf.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2236 -s 116
  2⤵
  - Program crash
  PID:2032

memory/2236-0-0x00000000013E0000-0x0000000001440000-memory.dmp

Filesize
384KB

Download