7d2d9d59cbb28b0a5b33adfb2023b3e84e418492589af13981629125daed113f

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
15/03/2024, 14:30

Target

cba74a6926f27a03dc03e7468e5ff0f1.exe
Size

487KB
MD5

cba74a6926f27a03dc03e7468e5ff0f1
SHA1

0f3ea0d70076d5cfa624c1110e797bb2955c6b8e
SHA256

7d2d9d59cbb28b0a5b33adfb2023b3e84e418492589af13981629125daed113f
SHA512

f2d98cf27ca1ff2c47719c07a703eb05a4d47f7f5d669d7f29e733b9e38378494d34b062adc4756a44ce8c30cfa72cfa9031a3b6c85a5ad2f0f96c09c8c7e7ee
SSDEEP

6144:n0/iIntSmDnCTQEjqbgtWKdC9UGy+DTPL1vMi3AYXZqqg1xJG4XlvYFjIF85jB:n0/zSknQPmbFlXTPhvHAGyLGKcsF85jB

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2288	2240	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2240 wrote to memory of 2288	2240	cba74a6926f27a03dc03e7468e5ff0f1.exe	28
PID 2240 wrote to memory of 2288	2240	cba74a6926f27a03dc03e7468e5ff0f1.exe	28
PID 2240 wrote to memory of 2288	2240	cba74a6926f27a03dc03e7468e5ff0f1.exe	28
PID 2240 wrote to memory of 2288	2240	cba74a6926f27a03dc03e7468e5ff0f1.exe	28

C:\Users\Admin\AppData\Local\Temp\cba74a6926f27a03dc03e7468e5ff0f1.exe
"C:\Users\Admin\AppData\Local\Temp\cba74a6926f27a03dc03e7468e5ff0f1.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2240
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2240 -s 36
  2⤵
  - Program crash
  PID:2288