edc31f0c694d1a235462b96111a8082dfec687eea82f32c5f8904c6ebc40dd1a

Analysis

max time kernel
141s
max time network
129s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29/02/2024, 05:25

Target

adcc0dc674f0c365849a19dbc536b936.exe
Size

332KB
MD5

adcc0dc674f0c365849a19dbc536b936
SHA1

f36126d21efee6d8c839296b6adffb2d74708f3e
SHA256

edc31f0c694d1a235462b96111a8082dfec687eea82f32c5f8904c6ebc40dd1a
SHA512

0c274be2d654a847f6cc7d0f3f544ead7e77c6d9462b6ddc948aa9f798584f149ffa2969c8b93106b697369277004b778b0374f91750ef9f65f4e77ad56b800e
SSDEEP

6144:VfLyhF2idZecnl20lHRxp3gwlk9ihl0/srEQpPK+e1FtEuxF+U2/k1hc:BLcF3Z4mxxXoEtlK+kt9T2Ms

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2236	1900	WerFault.exe	12

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1900 wrote to memory of 2236	1900	adcc0dc674f0c365849a19dbc536b936.exe	28
PID 1900 wrote to memory of 2236	1900	adcc0dc674f0c365849a19dbc536b936.exe	28
PID 1900 wrote to memory of 2236	1900	adcc0dc674f0c365849a19dbc536b936.exe	28
PID 1900 wrote to memory of 2236	1900	adcc0dc674f0c365849a19dbc536b936.exe	28

C:\Users\Admin\AppData\Local\Temp\adcc0dc674f0c365849a19dbc536b936.exe
"C:\Users\Admin\AppData\Local\Temp\adcc0dc674f0c365849a19dbc536b936.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1900
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1900 -s 120
  2⤵
  - Program crash
  PID:2236

memory/1900-0-0x0000000000400000-0x000000000045D000-memory.dmp

Filesize
372KB

Download
memory/1900-1-0x0000000000400000-0x000000000045D000-memory.dmp

Filesize
372KB

Download