9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29/04/2024, 18:14

Target

9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc.exe
Size

6KB
MD5

64993445c700a2949e789c6b7d4a05ba
SHA1

66ed2bcef2742927d6a192da09779721e97954a1
SHA256

9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc
SHA512

c493462005368368d721d2c49725842a1270637672be8b456b8879fc3a0070953351d6e18ed0263e64282025c608c83ceeab4abdcb6b056ccdcffe3bbabbfb2b
SSDEEP

48:Scbt0S4FVgCp471Ib4Fc/38+N7DYocHa23WlTpebVetFygFI5a2oxdVoZiG/9u8O:p0mIGnFc/38+N4ZHJWSY9FI5WqNx

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2872 wrote to memory of 2892	2872	9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc.exe	28
PID 2872 wrote to memory of 2892	2872	9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc.exe	28
PID 2872 wrote to memory of 2892	2872	9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc.exe	28

C:\Users\Admin\AppData\Local\Temp\9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc.exe
"C:\Users\Admin\AppData\Local\Temp\9300fce8216eb088050efb12544f35177773aae73133daa8872b3b5b5ac611bc.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2872
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2872 -s 32
  2⤵
  PID:2892