e348015d3e5c4e0a76861ff511a55862148ef1bc0e4c15b50eb5900a912b3f7a

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
28/01/2024, 22:49

Target

7e35e598907d97e603b644bc25871227.exe
Size

54KB
MD5

7e35e598907d97e603b644bc25871227
SHA1

0ec81eb80ebb46972d5394d67bac9513ae2e82d4
SHA256

e348015d3e5c4e0a76861ff511a55862148ef1bc0e4c15b50eb5900a912b3f7a
SHA512

68ec9b2c7ff168d84713907fa2b947c1c0d29aa6c267e1bb575cd50af4d06f2b4e10df2eeb1da073fb1c2c0fbb9ce11d27bdd058318b99d5014006e5aae5b37e
SSDEEP

384:qYd7l9nCj0dLjm7mTpIBPEyEr/gDxrrrDp7VbbFaDrrrfOqvspSDwGmU/IQMt:qYd7ldfy7ykDo7wGd/Y

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2776	2356	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 2776	2356	7e35e598907d97e603b644bc25871227.exe	29
PID 2356 wrote to memory of 2776	2356	7e35e598907d97e603b644bc25871227.exe	29
PID 2356 wrote to memory of 2776	2356	7e35e598907d97e603b644bc25871227.exe	29
PID 2356 wrote to memory of 2776	2356	7e35e598907d97e603b644bc25871227.exe	29

C:\Users\Admin\AppData\Local\Temp\7e35e598907d97e603b644bc25871227.exe
"C:\Users\Admin\AppData\Local\Temp\7e35e598907d97e603b644bc25871227.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2356 -s 52
  2⤵
  - Program crash
  PID:2776