e660be79de0932d6c5c0f1b65dc5d842ed790962625d5dd8731c30f46ae264a2

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 10:53

Target

6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe
Size

283KB
MD5

e8e1f842a6c56744e343b23f3be67295
SHA1

e368eea735a1a1c8d6201a53e980172a9de93080
SHA256

6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411
SHA512

64e8ac2ccb1ccad5e6f650a3b10592df01030de272242a06fbd83b83906090bf51339561990f04e8fcd84a8c5c1a6473713bf704367502557374cfba21044b1c
SSDEEP

6144:dqO2Lhs4EPCeAr9iTmdqJ3Kr9LVszzGltO8jh+ynEl:duLhtUCVSaVenGJMFl

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

2344 2208 WerFault.exe 6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe

pid	pid_target	process	target process
2344	2208	WerFault.exe	6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe

description	pid	process	target process
PID 2208 wrote to memory of 2344	2208	6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe	WerFault.exe
PID 2208 wrote to memory of 2344	2208	6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe	WerFault.exe
PID 2208 wrote to memory of 2344	2208	6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe	WerFault.exe
PID 2208 wrote to memory of 2344	2208	6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe
"C:\Users\Admin\AppData\Local\Temp\6d98d2425aec61b790c642e31bda2ca87b98b6470b4dd60c08de1708587f1411.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2208
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2208 -s 96
  2⤵
  - Program crash
  PID:2344

memory/2208-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2208-1-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download