914792977a1a73883b4b0cf04655bad785027cc1c0a2a478f059120682eb8af7

Analysis

max time kernel
91s
max time network
94s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
18-04-2024 15:56

Target

914792977a1a73883b4b0cf04655bad785027cc1c0a2a478f059120682eb8af7.exe
Size

359KB
MD5

2ee2a750147bdcadc284bdf5f73f8e43
SHA1

e2217821f2ee52eb043d1d5c8b3fe13ef09fa09a
SHA256

914792977a1a73883b4b0cf04655bad785027cc1c0a2a478f059120682eb8af7
SHA512

f3f9d6a6557641ed5dfc1935f51bcc38711d9e607ebcda5c5a210ea4ba7b71e054584ab44dfdfb5244306b7b16849cd49fdf5c77043bb6294ed32f98a7e1b144
SSDEEP

6144:Ro7kBLEX45vZlyZgdFlbdMEHx3uzZvetJW8/qXvKS:Ro7kBY49bsjG4ec

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

480 2792 WerFault.exe 914792977a1a73883b4b0cf04655bad785027cc1c0a2a478f059120682eb8af7.exe

pid	pid_target	process	target process
480	2792	WerFault.exe	914792977a1a73883b4b0cf04655bad785027cc1c0a2a478f059120682eb8af7.exe

C:\Users\Admin\AppData\Local\Temp\914792977a1a73883b4b0cf04655bad785027cc1c0a2a478f059120682eb8af7.exe
"C:\Users\Admin\AppData\Local\Temp\914792977a1a73883b4b0cf04655bad785027cc1c0a2a478f059120682eb8af7.exe"
1⤵
PID:2792
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2792 -s 400
  2⤵
  - Program crash
  PID:480

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 2792 -ip 2792
1⤵
PID:4168

memory/2792-1-0x0000000002FC0000-0x00000000030C0000-memory.dmp

Filesize
1024KB

Download
memory/2792-2-0x0000000004AA0000-0x0000000004AEC000-memory.dmp

Filesize
304KB

Download
memory/2792-3-0x0000000000400000-0x0000000002C3C000-memory.dmp

Filesize
40.2MB

Download
memory/2792-4-0x0000000000400000-0x0000000002C3C000-memory.dmp

Filesize
40.2MB

Download
memory/2792-5-0x0000000004AA0000-0x0000000004AEC000-memory.dmp

Filesize
304KB

Download