abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684

Analysis

max time kernel
121s
max time network
121s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
26-05-2024 05:30

Target

abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684.exe
Size

3.2MB
MD5

71d72a4764bc92a95dbf70d74b01be46
SHA1

aaf51d2b46fb61388879adfd8e0c375af7e05db7
SHA256

abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684
SHA512

c2f4fd2ec44ef0aa2862fa28af72c51a4d62c540f4fb356539b832b87228cd06896b5caa5f8fb66d8b9392e13fa1508dff35899701ec0511afaaa0f995722b43
SSDEEP

49152:dhW7+/NHH/cA/X07zvaQty/OwVcNOiYudcm185aZ0Cy9scEz:WC/NHfcA/X0vaqcO+fFm1+aZh8u

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2056	2424	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2424 wrote to memory of 2056	2424	abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684.exe	28
PID 2424 wrote to memory of 2056	2424	abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684.exe	28
PID 2424 wrote to memory of 2056	2424	abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684.exe	28
PID 2424 wrote to memory of 2056	2424	abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684.exe	28

C:\Users\Admin\AppData\Local\Temp\abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684.exe
"C:\Users\Admin\AppData\Local\Temp\abb377330bacf1b344d304e597e20568e2d7db8558c4bd6dbab7f31bb725c684.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2424
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2424 -s 232
  2⤵
  - Program crash
  PID:2056