b7049babb04975b90efbac80d2753a0e130ee5a4b706ee74f2e8cd07c608d8fe

Analysis

max time kernel
120s
max time network
81s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
29-04-2024 01:44

Target

e8012c6840fdb796078f4c13801b7bc432c293320d34876b0bd0174b5713cb18.exe
Size

20.2MB
MD5

f5417cadf5c6a61c11c003c2bb39462f
SHA1

58be8a8f5e0d44d788598c0e9641c210a2815b04
SHA256

e8012c6840fdb796078f4c13801b7bc432c293320d34876b0bd0174b5713cb18
SHA512

4910ba52ee0816e64395920d6708a56ad01579e98b400ad420bb4758e9184487dc89a36f436757431415d7e1a7ac5a463f9691ea9d2e74300366055e48cb6069
SSDEEP

393216:qvoA7e80Y4FRevE+DKXy6jo+TP4x/W6aBm6fcPLzJbSafWtN6TXj23:LAdh4FTXyeoLiqzzMafWW23

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

e8012c6840fdb796078f4c13801b7bc432c293320d34876b0bd0174b5713cb18.exe

pid	process
4296	e8012c6840fdb796078f4c13801b7bc432c293320d34876b0bd0174b5713cb18.exe
4296	e8012c6840fdb796078f4c13801b7bc432c293320d34876b0bd0174b5713cb18.exe

C:\Users\Admin\AppData\Local\Temp\e8012c6840fdb796078f4c13801b7bc432c293320d34876b0bd0174b5713cb18.exe
"C:\Users\Admin\AppData\Local\Temp\e8012c6840fdb796078f4c13801b7bc432c293320d34876b0bd0174b5713cb18.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4296

C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\3413857289434424b2724810c07d6bb4 /t 2056 /p 4296
1⤵
PID:3920

memory/4296-0-0x0000000010000000-0x000000001001F000-memory.dmp

Filesize
124KB

Download