62f8e4b22a91304b5e9fd9a98d44695d6e22418c0cedcc7fa01894b25d3179f2

Analysis

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
02/02/2024, 04:47

Target

889835512ddb0275c786bd4a21aa1ffa.exe
Size

264KB
MD5

889835512ddb0275c786bd4a21aa1ffa
SHA1

6c01546edf8cfa7499e5a20644402acd5bcf6775
SHA256

62f8e4b22a91304b5e9fd9a98d44695d6e22418c0cedcc7fa01894b25d3179f2
SHA512

18d0478825cc350fa4463b63332e0436917ab1178098479baeed441ef89a7ed738ae6954f2026b58e8922d9b6f811f830e240a37d6be21477f3e5956681446d9
SSDEEP

6144:CdYwYnARrVid3pr9oj1mazmJD6UJDyIYnARrVid3pr9oj1macf:KJVZ0MIazmJGUJWIVZ0MIaa

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2460	2392	WerFault.exe	27

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2392	889835512ddb0275c786bd4a21aa1ffa.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2392 wrote to memory of 2460	2392	889835512ddb0275c786bd4a21aa1ffa.exe	28
PID 2392 wrote to memory of 2460	2392	889835512ddb0275c786bd4a21aa1ffa.exe	28
PID 2392 wrote to memory of 2460	2392	889835512ddb0275c786bd4a21aa1ffa.exe	28
PID 2392 wrote to memory of 2460	2392	889835512ddb0275c786bd4a21aa1ffa.exe	28

C:\Users\Admin\AppData\Local\Temp\889835512ddb0275c786bd4a21aa1ffa.exe
"C:\Users\Admin\AppData\Local\Temp\889835512ddb0275c786bd4a21aa1ffa.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2392
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2392 -s 188
  2⤵
  - Program crash
  PID:2460