e6c3343d2fc9ce9d44f9c8be8a7f5edfd124f8ad9965e1fbb516151eaa10d31f

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13-03-2024 12:34

Target

c5e2c99752b621cf218a1f8f494f246d.exe
Size

72KB
MD5

c5e2c99752b621cf218a1f8f494f246d
SHA1

3b50086df4369e50fc19114679d802adba5f8f0a
SHA256

e6c3343d2fc9ce9d44f9c8be8a7f5edfd124f8ad9965e1fbb516151eaa10d31f
SHA512

ff02bb93a5ce98e382bb43e30cb644ad9609b0f2669b73faa1bcded6d01424584c8fa81267f16fa3796f9da6d218be08f67e6d12f1223a7e24fc6251789c1d1f
SSDEEP

768:BdxbzPKLH8sh100CGHiPkZxUC7SFIOJvH8vPzPC0d:BdtOL5WlGHik/oIAvMPpd

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2108	1712	WerFault.exe	27

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1712 wrote to memory of 2108	1712	c5e2c99752b621cf218a1f8f494f246d.exe	28
PID 1712 wrote to memory of 2108	1712	c5e2c99752b621cf218a1f8f494f246d.exe	28
PID 1712 wrote to memory of 2108	1712	c5e2c99752b621cf218a1f8f494f246d.exe	28
PID 1712 wrote to memory of 2108	1712	c5e2c99752b621cf218a1f8f494f246d.exe	28
PID 1712 wrote to memory of 2108	1712	c5e2c99752b621cf218a1f8f494f246d.exe	28
PID 1712 wrote to memory of 2108	1712	c5e2c99752b621cf218a1f8f494f246d.exe	28
PID 1712 wrote to memory of 2108	1712	c5e2c99752b621cf218a1f8f494f246d.exe	28

C:\Users\Admin\AppData\Local\Temp\c5e2c99752b621cf218a1f8f494f246d.exe
"C:\Users\Admin\AppData\Local\Temp\c5e2c99752b621cf218a1f8f494f246d.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1712
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1712 -s 276
  2⤵
  - Program crash
  PID:2108

memory/1712-0-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/1712-2-0x0000000000020000-0x000000000003B000-memory.dmp

Filesize
108KB

Download
memory/1712-1-0x0000000000020000-0x000000000003B000-memory.dmp

Filesize
108KB

Download
memory/1712-3-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/1712-4-0x0000000000020000-0x000000000003B000-memory.dmp

Filesize
108KB

Download
memory/1712-5-0x0000000000020000-0x000000000003B000-memory.dmp

Filesize
108KB

Download