903fcbe9b6917a3611512b4074623dc02233f226da3498a0f17102cf6a8c8206

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
20/02/2024, 05:51

Target

903fcbe9b6917a3611512b4074623dc02233f226da3498a0f17102cf6a8c8206.exe
Size

291KB
MD5

df52c247ac17f9f38765ab0b0f79e52c
SHA1

ecb7cfb075336b234c0cec65c453780e50243776
SHA256

903fcbe9b6917a3611512b4074623dc02233f226da3498a0f17102cf6a8c8206
SHA512

e3a523de8fcbd24b1060e55ddef7f3f1932c4749763a093291b086b2f0ec5e74a56cae96a73b6f6f6d4ab88ab2efd38584bc09095151c0c72920360f2410c292
SSDEEP

6144:biZlRS0bUI7pfi6tbH7RsNmhGZL27PUq:saqftsN5g

Score

8^/10

Program crash 7 IoCs

pid	pid_target	Process	procid_target
1944	3568	WerFault.exe	83
3916	3568	WerFault.exe	83
2596	3568	WerFault.exe	83
2976	3568	WerFault.exe	83
1716	3568	WerFault.exe	83
3120	3568	WerFault.exe	83
3348	3568	WerFault.exe	83

C:\Users\Admin\AppData\Local\Temp\903fcbe9b6917a3611512b4074623dc02233f226da3498a0f17102cf6a8c8206.exe
"C:\Users\Admin\AppData\Local\Temp\903fcbe9b6917a3611512b4074623dc02233f226da3498a0f17102cf6a8c8206.exe"
1⤵
PID:3568
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3568 -s 740
  2⤵
  - Program crash
  PID:1944
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3568 -s 784
  2⤵
  - Program crash
  PID:3916
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3568 -s 784
  2⤵
  - Program crash
  PID:2596
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3568 -s 816
  2⤵
  - Program crash
  PID:2976
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3568 -s 904
  2⤵
  - Program crash
  PID:1716
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3568 -s 980
  2⤵
  - Program crash
  PID:3120
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3568 -s 1124
  2⤵
  - Program crash
  PID:3348

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 368 -p 3568 -ip 3568
1⤵
PID:2820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 3568 -ip 3568
1⤵
PID:2924

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 3568 -ip 3568
1⤵
PID:4616

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3568 -ip 3568
1⤵
PID:3260

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 3568 -ip 3568
1⤵
PID:3144

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 3568 -ip 3568
1⤵
PID:4644

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 3568 -ip 3568
1⤵
PID:4404

memory/3568-1-0x00000000006F0000-0x00000000007F0000-memory.dmp

Filesize
1024KB

Download
memory/3568-2-0x00000000021A0000-0x00000000021DC000-memory.dmp

Filesize
240KB

Download
memory/3568-3-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download
memory/3568-7-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download
memory/3568-8-0x00000000021A0000-0x00000000021DC000-memory.dmp

Filesize
240KB

Download