b5a3eceab417c5abf76678d3c3bb087c4b923b2c32a3620407ac266e090308bd

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
19-03-2024 08:16

Target

OUU.exe
Size

393KB
MD5

e1a4c35915d41d959fdf286da81afedb
SHA1

60ef2a2a370ce3855c7b249462dc5584aeba5161
SHA256

b5a3eceab417c5abf76678d3c3bb087c4b923b2c32a3620407ac266e090308bd
SHA512

53324ab49e2787d97127e6b046b3e748563725ae8f7281969a22507fd6a56fda3e091cce23530f22d1b4b5af08fa73dda28a2711315db56b724a33a73113312e
SSDEEP

6144:Y59wN26uzKsZax2DhLFs5XA45DtRk3FresAPGWAq5OIWcUSmR:YNHzxZax2VBsxA4t8csAjA0O/cUV

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 3208 set thread context of 1776	3208	OUU.exe	87

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3200	1776	WerFault.exe	87

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3208 wrote to memory of 1776	3208	OUU.exe	87
PID 3208 wrote to memory of 1776	3208	OUU.exe	87
PID 3208 wrote to memory of 1776	3208	OUU.exe	87
PID 3208 wrote to memory of 1776	3208	OUU.exe	87

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1776 -ip 1776
1⤵
PID:4672

memory/3208-0-0x0000000000110000-0x0000000000178000-memory.dmp

Filesize
416KB

Download
memory/3208-1-0x00000000743C0000-0x0000000074B70000-memory.dmp

Filesize
7.7MB

Download
memory/3208-3-0x0000000002460000-0x0000000002461000-memory.dmp

Filesize
4KB

Download
memory/3208-2-0x0000000004BD0000-0x0000000004BE0000-memory.dmp

Filesize
64KB

Download
memory/3208-6-0x00000000743C0000-0x0000000074B70000-memory.dmp

Filesize
7.7MB

Download