a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a

Analysis

max time kernel
118s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
24-05-2024 21:39

Target

a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a.exe
Size

6KB
MD5

5e6bdf8352b7436e5b34e0118a5a199f
SHA1

0453a936c7b428291fc657a614d7fd4ab1a75d04
SHA256

a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a
SHA512

d7d3b1a8957e56a1496137b76bcdedb5668d95fbbe4bb93315480e1029eb254fb56cced6e9205bc8b970f5b41c24c3787d50a7e081723c507b3f35f2794bb831
SSDEEP

48:Sbbt0S4FVgCp471Ib4Fc/38+N7DYocHa23WlTpebVetFygFI5a2oxdVoZiG/9uUO:O0mIGnFc/38+N4ZHJWSY9FI5WqFx

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2576 wrote to memory of 2860	2576	a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a.exe	28
PID 2576 wrote to memory of 2860	2576	a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a.exe	28
PID 2576 wrote to memory of 2860	2576	a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a.exe	28

C:\Users\Admin\AppData\Local\Temp\a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a.exe
"C:\Users\Admin\AppData\Local\Temp\a9be8eee77eb90f5d8bdaa052f69046d976eb84ebe2ad2c4cb31410bfcb7c85a.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2576
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2576 -s 32
  2⤵
  PID:2860