19ffc101f7c4457a5adb66b38ce5823d52f596b323578de48d3585b1b57d24c6

Analysis

max time kernel
122s
max time network
130s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10-05-2024 14:32

Target

30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c.exe
Size

332KB
MD5

37072a159221b66a2cc7d3b032802748
SHA1

5da67b6cd3a05288da7ebe3d7eb8c4a095b3afdf
SHA256

30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c
SHA512

b427d69f91934fb0623116e54dbe7fa5e036021aa5cb17e7a8de01b34e74212f4065716dd93161899714dcd1a519bf7e1857aba12e6aec55cf634e134add29cc
SSDEEP

6144:73Lw7HV0BtJoa1L+ZBYo5+fR+yghyjWIXoJWVegjv72D+0Xp:7bBBtJoa1LfSyg0ToJuj50Xp

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2724	2216	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 2724	2216	30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c.exe	29
PID 2216 wrote to memory of 2724	2216	30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c.exe	29
PID 2216 wrote to memory of 2724	2216	30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c.exe	29
PID 2216 wrote to memory of 2724	2216	30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c.exe	29

C:\Users\Admin\AppData\Local\Temp\30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c.exe
"C:\Users\Admin\AppData\Local\Temp\30781e91d68861344f162ee5566cedc2c3c10246b4ec0c14b8f23cffe8bc9c0c.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2216 -s 52
  2⤵
  - Program crash
  PID:2724

memory/2216-0-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/2216-1-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download