8ef213f1436e4a39155b9b93527eb8dca1f3ce8d19509ffca676fb245dbd6f79

Analysis

max time kernel
122s
max time network
131s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
14-01-2024 18:04

Target

5b7f10e1c962dc0675d3379c313c3b53.exe
Size

44KB
MD5

5b7f10e1c962dc0675d3379c313c3b53
SHA1

a21d9aaca1ed4c45817dcf92e05256305bb4c612
SHA256

8ef213f1436e4a39155b9b93527eb8dca1f3ce8d19509ffca676fb245dbd6f79
SHA512

8f55254734fd7a6589796c95c85a750cc52f1a6e75763a805d6e6ae9502c031250eb2b42658d8330021467b11199b6f1f6e300bbc157dbf956ab2590640fa4ab
SSDEEP

768:2T+F0Zr6VuI8Tj02+TKrAa3vRF6xxR7YM1JGm15RrQ0fA9Rot:2CFsralcjJ+TKEa/T6xEMvGm1vrQSA9c

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1776	1924	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1924 wrote to memory of 1776	1924	5b7f10e1c962dc0675d3379c313c3b53.exe	28
PID 1924 wrote to memory of 1776	1924	5b7f10e1c962dc0675d3379c313c3b53.exe	28
PID 1924 wrote to memory of 1776	1924	5b7f10e1c962dc0675d3379c313c3b53.exe	28
PID 1924 wrote to memory of 1776	1924	5b7f10e1c962dc0675d3379c313c3b53.exe	28

C:\Users\Admin\AppData\Local\Temp\5b7f10e1c962dc0675d3379c313c3b53.exe
"C:\Users\Admin\AppData\Local\Temp\5b7f10e1c962dc0675d3379c313c3b53.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1924
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1924 -s 136
  2⤵
  - Program crash
  PID:1776