8953a8f5fc7fe6171cd548f55d23101581f15ffb2b5e741610732f4ca879a25c

Analysis

max time kernel
147s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28/02/2024, 12:56

Target

abee2493a11f7fa60ac1409e4e48b4ef.exe
Size

6KB
MD5

abee2493a11f7fa60ac1409e4e48b4ef
SHA1

6901d698f808a7ccd9b1d8d48746f96e8346d428
SHA256

8953a8f5fc7fe6171cd548f55d23101581f15ffb2b5e741610732f4ca879a25c
SHA512

579cf4b87c487fb306dec61ea022730558904ef84d9ce3830d9239fadb7587cfc60fd3ec2a1944a2bb44931e6f287c2fd39cb34851aae92fd2320cc2e1ccd323
SSDEEP

96:wElNHX50dXWvu5WKW0A8KlGcAArLJrT8mYFtCn0d0U6CAqlXEN3Bdxwrs+:hNHqdNpKlG45scTeEpxwo+

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4916 set thread context of 2152	4916	abee2493a11f7fa60ac1409e4e48b4ef.exe	96

Program crash 1 IoCs

pid	pid_target	Process	procid_target
804	2152	WerFault.exe	96

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 4916 wrote to memory of 2152	4916	abee2493a11f7fa60ac1409e4e48b4ef.exe	96
PID 4916 wrote to memory of 2152	4916	abee2493a11f7fa60ac1409e4e48b4ef.exe	96
PID 4916 wrote to memory of 2152	4916	abee2493a11f7fa60ac1409e4e48b4ef.exe	96
PID 4916 wrote to memory of 2152	4916	abee2493a11f7fa60ac1409e4e48b4ef.exe	96

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 2152 -ip 2152
1⤵
PID:2400

memory/2152-2-0x0000000000C60000-0x0000000000CA0000-memory.dmp

Filesize
256KB

Download