380bdd26b0ce55306af1674c91fecd8d98f1682b656fdc1dabffa90f1622896d

Analysis

max time kernel
141s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
12/01/2024, 07:00

Target

55caf6f9c0ac97d3c09ee1a5a3571132.exe
Size

132KB
MD5

55caf6f9c0ac97d3c09ee1a5a3571132
SHA1

da3f6594e4709cc8ce0e342787fc172a6c4ee91c
SHA256

380bdd26b0ce55306af1674c91fecd8d98f1682b656fdc1dabffa90f1622896d
SHA512

97f9d52abaacd040428fb4e23b3a9f744d1cabf262cea88fc899c278917817299e62cefb91e774fa54ab48c09d318674f9d71e861beac5f201a71adb5e89f9c8
SSDEEP

1536:37N1Oj58h3rfAjw2QXvto1JSfehT95KH0J3GqNRopQ7eAmCixZYeIIu1edrBfM8v:rTg65Ew2wFzeD57J3j5Jm3x3Fqe97v

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2180	320	WerFault.exe	15

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 320 wrote to memory of 2180	320	55caf6f9c0ac97d3c09ee1a5a3571132.exe	28
PID 320 wrote to memory of 2180	320	55caf6f9c0ac97d3c09ee1a5a3571132.exe	28
PID 320 wrote to memory of 2180	320	55caf6f9c0ac97d3c09ee1a5a3571132.exe	28
PID 320 wrote to memory of 2180	320	55caf6f9c0ac97d3c09ee1a5a3571132.exe	28

C:\Users\Admin\AppData\Local\Temp\55caf6f9c0ac97d3c09ee1a5a3571132.exe
"C:\Users\Admin\AppData\Local\Temp\55caf6f9c0ac97d3c09ee1a5a3571132.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:320
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 320 -s 36
  2⤵
  - Program crash
  PID:2180

memory/320-0-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download