42b496bd746c56c1cbad8e58ed763cb5376f628936f86bde426036dc94627d0a

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13/03/2024, 23:56

Target

c72baf3b9d74c9e61a5c91f35fd16335.exe
Size

80KB
MD5

c72baf3b9d74c9e61a5c91f35fd16335
SHA1

3a71056bd58b99510aa8336a112468eecbc42067
SHA256

42b496bd746c56c1cbad8e58ed763cb5376f628936f86bde426036dc94627d0a
SHA512

cdf154a440ad65d888fa3296610f17a4c1ba69319ace245547cbc3b18dcdab558ec0e829822bc1e53d49775d3a21231ab1556b650bdaad6fc1df1e7a00f0eba9
SSDEEP

1536:GDsvLp1uRyzVuJwZkisoCKAQlfq9ZKxaLQjIgRgSmQ/+:GDsDp1uRYuasVKAif9aLogSm

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2968	2164	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2164 wrote to memory of 2968	2164	c72baf3b9d74c9e61a5c91f35fd16335.exe	29
PID 2164 wrote to memory of 2968	2164	c72baf3b9d74c9e61a5c91f35fd16335.exe	29
PID 2164 wrote to memory of 2968	2164	c72baf3b9d74c9e61a5c91f35fd16335.exe	29
PID 2164 wrote to memory of 2968	2164	c72baf3b9d74c9e61a5c91f35fd16335.exe	29

C:\Users\Admin\AppData\Local\Temp\c72baf3b9d74c9e61a5c91f35fd16335.exe
"C:\Users\Admin\AppData\Local\Temp\c72baf3b9d74c9e61a5c91f35fd16335.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2164
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2164 -s 144
  2⤵
  - Program crash
  PID:2968