bc4a1ed4a78c851b6c8214e3cacc902b1d4954e7da4262eb85a688b8e5bdc0b8

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 17:33

Target

751ad929eaccc3e19022d7ae7eddc207.exe
Size

12KB
MD5

751ad929eaccc3e19022d7ae7eddc207
SHA1

c578c2e4e11831cd5c1314824c86e6e77f7069db
SHA256

bc4a1ed4a78c851b6c8214e3cacc902b1d4954e7da4262eb85a688b8e5bdc0b8
SHA512

a455aba7a98481c27b87f9f29df74a4ebff5ef67e6c68bd036f9edb5c55f7acd24ddd45807cd0cbac14d0ca4234560e9c27c8b6aef64ff5647b67cbae949f6d1
SSDEEP

96:cdGI4BGCdXJJBJFsXjug+efRUjgJ6j/Od71yQtQKQYQ:cM0MXJjkjuIRUsa/Od7MQjQYQ

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

2316 2204 WerFault.exe 751ad929eaccc3e19022d7ae7eddc207.exe

pid	pid_target	process	target process
2316	2204	WerFault.exe	751ad929eaccc3e19022d7ae7eddc207.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

751ad929eaccc3e19022d7ae7eddc207.exe

description	pid	process	target process
PID 2204 wrote to memory of 2316	2204	751ad929eaccc3e19022d7ae7eddc207.exe	WerFault.exe
PID 2204 wrote to memory of 2316	2204	751ad929eaccc3e19022d7ae7eddc207.exe	WerFault.exe
PID 2204 wrote to memory of 2316	2204	751ad929eaccc3e19022d7ae7eddc207.exe	WerFault.exe
PID 2204 wrote to memory of 2316	2204	751ad929eaccc3e19022d7ae7eddc207.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\751ad929eaccc3e19022d7ae7eddc207.exe
"C:\Users\Admin\AppData\Local\Temp\751ad929eaccc3e19022d7ae7eddc207.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2204

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2204 -s 88
2⤵
- Program crash
PID:2316