41d07944eff956fc6048946feac8ccdabdc6ac1523d7a78686e7b1cc8078f603

Analysis

max time kernel
130s
max time network
137s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
23/02/2024, 15:59

Target

Bolt AIO CRACKED BY [TZCRACKING]/Bolt AIO CRACKED BY [TZCRACKING].exe
Size

922KB
MD5

727188832e9d77e87ebd1aaa12105638
SHA1

0a547ad642b712ab92a189acc776d3758ba163bb
SHA256

567b8af881787af693a08f8c0849d104ea1427e65c5275e554346a40c44bb219
SHA512

5cf2ff673614718723f15d7201c6292fe8be0d24cdd9b2bd210c8155049b2e3045ae4e05be9f09deeafb04d3d4e690696750413576cd675a33d2a85484d36dd8
SSDEEP

24576:GF4fE2pLTyWeFtPtFt6WxWFTxkt6WxWFTxZ:eYLT2rlrj

Score

3^/10

Program crash 2 IoCs

pid	pid_target	Process	procid_target
4520	4116	WerFault.exe	73
1064	4116	WerFault.exe	73

C:\Users\Admin\AppData\Local\Temp\Bolt AIO CRACKED BY [TZCRACKING]\Bolt AIO CRACKED BY [TZCRACKING].exe
"C:\Users\Admin\AppData\Local\Temp\Bolt AIO CRACKED BY [TZCRACKING]\Bolt AIO CRACKED BY [TZCRACKING].exe"
1⤵
PID:4116
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4116 -s 1364
  2⤵
  - Program crash
  PID:4520
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4116 -s 1364
  2⤵
  - Program crash
  PID:1064

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4804

memory/4116-0-0x0000000000E30000-0x0000000000F1C000-memory.dmp

Filesize
944KB

Download
memory/4116-1-0x0000000073A50000-0x000000007413E000-memory.dmp

Filesize
6.9MB

Download
memory/4116-2-0x0000000005DD0000-0x00000000062CE000-memory.dmp

Filesize
5.0MB

Download
memory/4116-3-0x00000000057B0000-0x0000000005842000-memory.dmp

Filesize
584KB

Download
memory/4116-4-0x0000000005780000-0x0000000005790000-memory.dmp

Filesize
64KB

Download
memory/4116-5-0x0000000005770000-0x000000000577A000-memory.dmp

Filesize
40KB

Download
memory/4116-6-0x0000000005B30000-0x0000000005C7E000-memory.dmp

Filesize
1.3MB

Download
memory/4116-7-0x00000000057A0000-0x00000000057B4000-memory.dmp

Filesize
80KB

Download
memory/4116-8-0x0000000005780000-0x0000000005790000-memory.dmp

Filesize
64KB

Download
memory/4116-9-0x0000000005780000-0x0000000005790000-memory.dmp

Filesize
64KB

Download
memory/4116-10-0x0000000073A50000-0x000000007413E000-memory.dmp

Filesize
6.9MB

Download