10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707

Resubmissions

11-01-2024 14:51

18-12-2023 13:56

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
11-01-2024 14:51

Target

10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707.exe
Size

13KB
MD5

99516071d8f3e78e51200948bf377c4c
SHA1

59fe505b24bdfa54ee6e4188ed8b88af9a42eb86
SHA256

10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707
SHA512

4fa7de0e3ceef3231405da70f234b140120568ba5b116f04848cd2f0452213baa05638db8efacf74c8f8b65db7c974e6a49aff34449d7007049921ee93119678
SSDEEP

192:iWuo0OdEZbue7hTthpz5/y9eO5tfwcKExzp:xEwkhZFfN+zp

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707.exe

description	pid	process	target process
PID 2416 wrote to memory of 1956	2416	10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707.exe	WerFault.exe
PID 2416 wrote to memory of 1956	2416	10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707.exe	WerFault.exe
PID 2416 wrote to memory of 1956	2416	10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707.exe
"C:\Users\Admin\AppData\Local\Temp\10e68f3e6c73161a1bba85ef9bada0cd79e25382ea8f8635bec4aa51bfe6c707.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2416
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2416 -s 28
  2⤵
  PID:1956