3af066f7291a48416bdd6f90278dc74dca6221cb660728070a287646c9236cf1

Analysis

max time kernel
144s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
29-01-2024 10:48

Target

2744-67-0x00000000004E0000-0x0000000001542000-memory.exe
Size

16.4MB
MD5

5b9d55460871568c54f9463b836c002a
SHA1

abef02d59c1ef7a3690eac3d9fb69e95dbd18257
SHA256

3af066f7291a48416bdd6f90278dc74dca6221cb660728070a287646c9236cf1
SHA512

768ba0c986db53b79b6cca19da1c1299cf8e0dd3982a6429af76bb16f0d0bfb04dfc7f6ea867fdcc1219e8545e298b35eca7c4542040ddf0fbc9d00a97bad97a
SSDEEP

3072:KKnlBBgLak/62uZo6AT6z9QyfJlxKyJrRqcIue6+YOiq:dlTN79QKKWSYO9

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4072 4936 WerFault.exe 2744-67-0x00000000004E0000-0x0000000001542000-memory.exe

pid	pid_target	process	target process
4072	4936	WerFault.exe	2744-67-0x00000000004E0000-0x0000000001542000-memory.exe

C:\Users\Admin\AppData\Local\Temp\2744-67-0x00000000004E0000-0x0000000001542000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\2744-67-0x00000000004E0000-0x0000000001542000-memory.exe"
1⤵
PID:4936
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4936 -s 216
  2⤵
  - Program crash
  PID:4072

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 4936 -ip 4936
1⤵
PID:1988