3fd87d314634508458a7e96e3f2b7dbe49e103d05691cb5ec1315c7fda82efd1

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
02/02/2024, 06:12

Target

88c4811e2a98abb5dd8051899628066d.exe
Size

44KB
MD5

88c4811e2a98abb5dd8051899628066d
SHA1

9d89c1d6579827d72b2662d712dcd76c562c9725
SHA256

3fd87d314634508458a7e96e3f2b7dbe49e103d05691cb5ec1315c7fda82efd1
SHA512

a3e34f88943df8a3f59bd691ce37a188227ab36bd2593142344d1cd66898b62d76de2dad04a5a711d082d68b5f51757c8f12d23e9e44de1d8d97cb723377db4f
SSDEEP

384:KSQdQDBs9THDaDyQoF5CU/EP3DriKP6hb/JBou5ZskqSCSMKPcfCoUKi+UdFyC:SeDBAzDZFDKP6JJSuSTL6wQCUdoC

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2316	2108	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2108 wrote to memory of 2316	2108	88c4811e2a98abb5dd8051899628066d.exe	28
PID 2108 wrote to memory of 2316	2108	88c4811e2a98abb5dd8051899628066d.exe	28
PID 2108 wrote to memory of 2316	2108	88c4811e2a98abb5dd8051899628066d.exe	28
PID 2108 wrote to memory of 2316	2108	88c4811e2a98abb5dd8051899628066d.exe	28

C:\Users\Admin\AppData\Local\Temp\88c4811e2a98abb5dd8051899628066d.exe
"C:\Users\Admin\AppData\Local\Temp\88c4811e2a98abb5dd8051899628066d.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2108
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2108 -s 92
  2⤵
  - Program crash
  PID:2316