d8ebdb61b6f4775ecc4f8509393445e5ff68ff37980d6592ba6a6269b1ed84c6

Analysis

max time kernel
61s
max time network
16s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 00:27

Target

hateniggers!.exe
Size

88KB
MD5

bcc6b9299c16221285a8e4a6f4fb7c0a
SHA1

217c84dc450555f27b398423bf248a3644148aca
SHA256

d8ebdb61b6f4775ecc4f8509393445e5ff68ff37980d6592ba6a6269b1ed84c6
SHA512

3a263cf98bcc63feaa692ad777e9cd70ddaa929c9fc0379ad7c78a7ce36d91f02908e88fa25ad1f52a17c83b20075c9dccb176f86dc4914027024e53e50ad0d2
SSDEEP

1536:xpsJgNCgf22p4XZNixp/OFD1qQliMQGcTnUTvFJdlmN:xpx22Gp4pWFcNGGIDmN

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

2648 348 WerFault.exe hateniggers!.exe

pid	pid_target	process	target process
2648	348	WerFault.exe	hateniggers!.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

hateniggers!.exe

description	pid	process	target process
PID 348 wrote to memory of 2648	348	hateniggers!.exe	WerFault.exe
PID 348 wrote to memory of 2648	348	hateniggers!.exe	WerFault.exe
PID 348 wrote to memory of 2648	348	hateniggers!.exe	WerFault.exe
PID 348 wrote to memory of 2648	348	hateniggers!.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\hateniggers!.exe
"C:\Users\Admin\AppData\Local\Temp\hateniggers!.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:348

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 348 -s 704
2⤵
- Program crash
PID:2648

memory/348-0-0x0000000074A8E000-0x0000000074A8F000-memory.dmp

Filesize
4KB

Download
memory/348-1-0x0000000001300000-0x000000000131C000-memory.dmp

Filesize
112KB

Download
memory/348-2-0x0000000074A80000-0x000000007516E000-memory.dmp

Filesize
6.9MB

Download
memory/348-3-0x0000000074A8E000-0x0000000074A8F000-memory.dmp

Filesize
4KB

Download
memory/348-4-0x0000000074A80000-0x000000007516E000-memory.dmp

Filesize
6.9MB

Download
memory/348-5-0x0000000074A80000-0x000000007516E000-memory.dmp

Filesize
6.9MB

Download