b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
17-06-2024 08:15

Target

b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e.exe
Size

1.3MB
MD5

bf8a23c4e8ad1633799013eb4557af15
SHA1

bfe1fdfa3b48d519a643feaab3648fda81528c9d
SHA256

b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e
SHA512

6d7e65ab262281ee5a86c183ca0342dce81433acced23cd5570ed018efa503207d8b6df18511b6f67c7e7175d0633dd12a3feadf60b62d83de0abe59a530c95a
SSDEEP

24576:alz0Nau3IKdN5VwZ4eEtZTLsqBE7GKwybJ7MDSUF:LwKdfmCesT9KNV7

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1732 wrote to memory of 1784	1732	b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e.exe	28
PID 1732 wrote to memory of 1784	1732	b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e.exe	28
PID 1732 wrote to memory of 1784	1732	b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e.exe	28

C:\Users\Admin\AppData\Local\Temp\b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e.exe
"C:\Users\Admin\AppData\Local\Temp\b95f3cb233438a3de74e99e339fbbd834ec99dc52fd27300c8a8c78010a4504e.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1732
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1732 -s 144
  2⤵
  PID:1784