9cbffd036d99d5dab5bdd9ec898ce8713e51bb98cef42bba000fa907f74e683e

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
11/01/2024, 13:27

Target

53a45291600a25e61fcef581567dd35a.exe
Size

110KB
MD5

53a45291600a25e61fcef581567dd35a
SHA1

1681fed204699516c2feb1ae2664fbd8a02ac83e
SHA256

9cbffd036d99d5dab5bdd9ec898ce8713e51bb98cef42bba000fa907f74e683e
SHA512

5bb512007aa42004be343b7106f68d1053077670cfa3e717fd0ae02cb07b1cdf526e9ad5c7b8dcb4a59009ef5ac9651fff8330ab5c4382d4cf686797088000c3
SSDEEP

1536:b8VQc2HkiKrVSmO4mAn8NPrekDxbuTjmj/peyKLfpOGq8x5kfnEA7X+deXyunJwG:b4avAn8NreE8O/peXxO20xbQ9uYTJNq

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2044	2216	WerFault.exe	1

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 2044	2216	53a45291600a25e61fcef581567dd35a.exe	28
PID 2216 wrote to memory of 2044	2216	53a45291600a25e61fcef581567dd35a.exe	28
PID 2216 wrote to memory of 2044	2216	53a45291600a25e61fcef581567dd35a.exe	28
PID 2216 wrote to memory of 2044	2216	53a45291600a25e61fcef581567dd35a.exe	28

C:\Users\Admin\AppData\Local\Temp\53a45291600a25e61fcef581567dd35a.exe
"C:\Users\Admin\AppData\Local\Temp\53a45291600a25e61fcef581567dd35a.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2216 -s 36
  2⤵
  - Program crash
  PID:2044

memory/2216-0-0x0000000000400000-0x000000000044B000-memory.dmp

Filesize
300KB

Download
memory/2216-1-0x0000000000400000-0x000000000044B000-memory.dmp

Filesize
300KB

Download