f9a0d9ef6ad24befef883a717844e737ef873fa9985a10571416ccad8d112554

Analysis

max time kernel
140s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29-01-2024 00:43

Target

7e6dbd5babb956d8b52eefb2516b343e.exe
Size

79KB
MD5

7e6dbd5babb956d8b52eefb2516b343e
SHA1

e819e059de0b7eeb0570b45c52cb97ddea17f5e2
SHA256

f9a0d9ef6ad24befef883a717844e737ef873fa9985a10571416ccad8d112554
SHA512

606df9670ccc23a7effbc1f4c5d5b0d3b79fedd820dcbe0ba16f420dafca599db33f65f26387e976ee7451e9e45c80ae70874875431f021fc2585760e494913c
SSDEEP

1536:co15MzLpvuwjavf5UpLQCRvsmV7pzBR8Okt5z50whGq:V15MzlDa3lCRlzB+OkthKwkq

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2832	2360	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 2832	2360	7e6dbd5babb956d8b52eefb2516b343e.exe	28
PID 2360 wrote to memory of 2832	2360	7e6dbd5babb956d8b52eefb2516b343e.exe	28
PID 2360 wrote to memory of 2832	2360	7e6dbd5babb956d8b52eefb2516b343e.exe	28
PID 2360 wrote to memory of 2832	2360	7e6dbd5babb956d8b52eefb2516b343e.exe	28

C:\Users\Admin\AppData\Local\Temp\7e6dbd5babb956d8b52eefb2516b343e.exe
"C:\Users\Admin\AppData\Local\Temp\7e6dbd5babb956d8b52eefb2516b343e.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2360 -s 88
  2⤵
  - Program crash
  PID:2832

memory/2360-0-0x0000000044440000-0x0000000044457000-memory.dmp

Filesize
92KB

Download