69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
11/05/2024, 23:10

Target

69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533.exe
Size

865KB
MD5

9bf34514244260bce084d6f18e3adacd
SHA1

e2349dfbb30d156de128e4e34ce4b6bb8e004164
SHA256

69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533
SHA512

089ef4533b60764f532e2d3288ab9c66a7f97945847a4613714028e315586effc202aa04475f4e88ddc3fd3ff38f7e359d3f0e821a2d4cf44385c41c391e184e
SSDEEP

24576:4ebQxoHOQxLHkTyauWWtZt80OIXWtZt8:CxK7HkDuWIt8UXIt8

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1576 wrote to memory of 2160	1576	69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533.exe	28
PID 1576 wrote to memory of 2160	1576	69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533.exe	28
PID 1576 wrote to memory of 2160	1576	69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533.exe	28

C:\Users\Admin\AppData\Local\Temp\69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533.exe
"C:\Users\Admin\AppData\Local\Temp\69208511d6dd44ad45b8485e7eee9ce33e6bbc2cedbc2781b61f71a18ecc1533.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1576
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1576 -s 528
  2⤵
  PID:2160

memory/1576-0-0x000007FEF5B33000-0x000007FEF5B34000-memory.dmp

Filesize
4KB

Download
memory/1576-1-0x0000000000A70000-0x0000000000B4E000-memory.dmp

Filesize
888KB

Download
memory/1576-2-0x000007FEF5B33000-0x000007FEF5B34000-memory.dmp

Filesize
4KB

Download