55d7deee93b0e6c0a3910b89bfbedf86c1b25643f8dc1feb64ec1efc0877335f

Analysis

max time kernel
23s
max time network
18s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
20/02/2024, 00:48

Target

Widget Launcher Installer.exe
Size

559KB
MD5

fca4ccdb0f7bbb6e3eb625a37e510144
SHA1

f05dc05520e3e529d88e20a181d7e9baacb8642c
SHA256

55d7deee93b0e6c0a3910b89bfbedf86c1b25643f8dc1feb64ec1efc0877335f
SHA512

932e88e39498e9bfa422ed2c1637978fa3f64d4e059e1ca97ce9024e9dcbcd5e073b3746e25c432f416a7d8abdf22f4e4ccfbf507b8fff4cf3b33bd0a690e314
SSDEEP

6144:t/SqpkbQHOSdzjO2+SV4qdeNAmOrrKvcjOJ9THlpBLqqHPh8hEl:ta6kbQHxVoNMDaHlpYEl

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2172 wrote to memory of 2796	2172	Widget Launcher Installer.exe	29
PID 2172 wrote to memory of 2796	2172	Widget Launcher Installer.exe	29
PID 2172 wrote to memory of 2796	2172	Widget Launcher Installer.exe	29

C:\Users\Admin\AppData\Local\Temp\Widget Launcher Installer.exe
"C:\Users\Admin\AppData\Local\Temp\Widget Launcher Installer.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2172
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2172 -s 628
  2⤵
  PID:2796

memory/2172-0-0x0000000000860000-0x00000000008EA000-memory.dmp

Filesize
552KB

Download
memory/2172-1-0x000007FEF5CA0000-0x000007FEF668C000-memory.dmp

Filesize
9.9MB

Download
memory/2172-2-0x000000001B280000-0x000000001B300000-memory.dmp

Filesize
512KB

Download
memory/2172-3-0x000007FEF5CA0000-0x000007FEF668C000-memory.dmp

Filesize
9.9MB

Download