cb7119af8918043afcd361cfcfb79352aba280af8348c05bacb03093cfec4b20

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
21-06-2024 11:22

Target

2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe
Size

160KB
MD5

05b1a6a9b82021adf0b3aeb65fc99c7c
SHA1

10ae2cf12c2160c3dfa2c3c62ecfc5db3410d02b
SHA256

cb7119af8918043afcd361cfcfb79352aba280af8348c05bacb03093cfec4b20
SHA512

eac29a5709aac4c769ed94bf9b06adb2680e8470ebf95964f414e4205df7a7a27fee8e2a6efa635715efeaf6c5d8ab7091639e26ddf82042366dabe3c86b94c9
SSDEEP

3072:f6glyuxE4GsUPnliByocWepZRM/igPn1Si1/mcAbHtI:f6gDBGpvEByocWevRM/igPn3kH

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid	pid_target	Process	procid_target
2188	2144	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe

description	pid	Process	procid_target
PID 2144 wrote to memory of 2188	2144	2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe	28
PID 2144 wrote to memory of 2188	2144	2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe	28
PID 2144 wrote to memory of 2188	2144	2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe	28
PID 2144 wrote to memory of 2188	2144	2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe	28

C:\Users\Admin\AppData\Local\Temp\2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe
"C:\Users\Admin\AppData\Local\Temp\2024-06-21_05b1a6a9b82021adf0b3aeb65fc99c7c_darkside.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2144
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2144 -s 88
  2⤵
  - Program crash
  PID:2188