74bfad3720b7ac144cba75e4d542680722b704b2e15fa8fa43cc4469697ae9cf

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19/01/2024, 13:06

Target

67b19416af0020b5fc4d3251758a1eaf.exe
Size

67KB
MD5

67b19416af0020b5fc4d3251758a1eaf
SHA1

261430e51d55df1a2c23a0665a9654f4f5b36fac
SHA256

74bfad3720b7ac144cba75e4d542680722b704b2e15fa8fa43cc4469697ae9cf
SHA512

07e59067e141719c063be6b188980c932561dfcc86a16c86d4a7a790ee402bea6803b35dd52fe28f5356e24f4d7270b1ad626040870f78ae3b4aa89ef1d5f255
SSDEEP

1536:cj/JsCj3iLk2qyIRW+KPsy6hFGjEPWkvdHsALInI9cprDtf8MAJ5BLsX1pZsaq74:4BiqILEnpDvtW529dYdS3qc/N93DK

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2972	2240	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2240 wrote to memory of 2972	2240	67b19416af0020b5fc4d3251758a1eaf.exe	28
PID 2240 wrote to memory of 2972	2240	67b19416af0020b5fc4d3251758a1eaf.exe	28
PID 2240 wrote to memory of 2972	2240	67b19416af0020b5fc4d3251758a1eaf.exe	28
PID 2240 wrote to memory of 2972	2240	67b19416af0020b5fc4d3251758a1eaf.exe	28

C:\Users\Admin\AppData\Local\Temp\67b19416af0020b5fc4d3251758a1eaf.exe
"C:\Users\Admin\AppData\Local\Temp\67b19416af0020b5fc4d3251758a1eaf.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2240 -s 36
  2⤵
  - Program crash
  PID:2972

memory/2240-0-0x0000000000400000-0x000000000042E000-memory.dmp

Filesize
184KB

Download