8435bfb28ad4676dd8febe45ea5ddad5f9d48c546bd828a607045a1130f88e68

Resubmissions

07/07/2024, 00:56

07/07/2024, 00:54

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
07/07/2024, 00:56

Target

InfinityUI.exe
Size

107KB
MD5

bb315ba73714631fde1375c536c0a2a5
SHA1

266faef914679d1cc0bb3ffdb3645f7be9d5ddef
SHA256

8435bfb28ad4676dd8febe45ea5ddad5f9d48c546bd828a607045a1130f88e68
SHA512

5f391912903dfcae0c35c4873aff5179b5955d5d994acf6f5f88f6d98f65b3d2a72886fde0e72ed61f02619190d5980a01097e11020ccfc82871581d54c7829b
SSDEEP

3072:s3DnAKoMVWHmq3hV2Be3Pemye3Pemfe3PempfEPOgKHVj3ZymOBamuzcQWRrRdpS:snuefrHVEmOMms+tdp

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3024	2036	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2036 wrote to memory of 3024	2036	InfinityUI.exe	28
PID 2036 wrote to memory of 3024	2036	InfinityUI.exe	28
PID 2036 wrote to memory of 3024	2036	InfinityUI.exe	28
PID 2036 wrote to memory of 3024	2036	InfinityUI.exe	28

C:\Users\Admin\AppData\Local\Temp\InfinityUI.exe
"C:\Users\Admin\AppData\Local\Temp\InfinityUI.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2036
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2036 -s 624
  2⤵
  - Program crash
  PID:3024

memory/2036-0-0x00000000746FE000-0x00000000746FF000-memory.dmp

Filesize
4KB

Download
memory/2036-1-0x0000000000C10000-0x0000000000C32000-memory.dmp

Filesize
136KB

Download
memory/2036-2-0x00000000746F0000-0x0000000074DDE000-memory.dmp

Filesize
6.9MB

Download
memory/2036-3-0x00000000746FE000-0x00000000746FF000-memory.dmp

Filesize
4KB

Download
memory/2036-4-0x00000000746F0000-0x0000000074DDE000-memory.dmp

Filesize
6.9MB

Download