815cec40e6ceee79c38c1221b0642cca20b609ecaf80c51be0462755fc8f04e4

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29/01/2024, 11:32

Target

7fbbce24a345608a23a72c508bfdccec.exe
Size

56KB
MD5

7fbbce24a345608a23a72c508bfdccec
SHA1

738c765372ce42ab7c1795bde06ff318f24d0d6f
SHA256

815cec40e6ceee79c38c1221b0642cca20b609ecaf80c51be0462755fc8f04e4
SHA512

72bae07825d15eceb968162d9214c7c39792aa8b46d2316742d48749168d7f765c276e9a295e9c6fbf167a7671b05d58627f8e63d5380cc4bebddf8aba9dfb45
SSDEEP

768:QaKmLlGmcYUjlHCSro95z/+bhc1Xd1VTAv3JOFhQgypcrp+igSUM3WGw4GRCxpmP:xd/Q62Ppcrp+5WnGRCfH3r6hbJyUNAfG

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2944	2212	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2212 wrote to memory of 2944	2212	7fbbce24a345608a23a72c508bfdccec.exe	28
PID 2212 wrote to memory of 2944	2212	7fbbce24a345608a23a72c508bfdccec.exe	28
PID 2212 wrote to memory of 2944	2212	7fbbce24a345608a23a72c508bfdccec.exe	28
PID 2212 wrote to memory of 2944	2212	7fbbce24a345608a23a72c508bfdccec.exe	28

C:\Users\Admin\AppData\Local\Temp\7fbbce24a345608a23a72c508bfdccec.exe
"C:\Users\Admin\AppData\Local\Temp\7fbbce24a345608a23a72c508bfdccec.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2212
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2212 -s 36
  2⤵
  - Program crash
  PID:2944