67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
10/07/2024, 17:15

Target

67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82.exe
Size

521KB
MD5

0e6f574883cf8d2d46a73a4ef0c2a1d5
SHA1

5825b85987a409471446c878eec16804bd23c100
SHA256

67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82
SHA512

63044deac29e596b0226997f01d42ba1132ae3260883932521b0e72b04e2ec7a7bde4e6381b20c1e81846d52121d10e3e94b7b3d8c22f81520625be1c0cf999b
SSDEEP

12288:k07v1x51ZVq4WrCvkMjCDcrYaPftabsCgtsJRG0Mx:k07Nx51bNGC4DI1P4otsJfM

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2516	2320	WerFault.exe	29

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2320 wrote to memory of 2516	2320	67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82.exe	31
PID 2320 wrote to memory of 2516	2320	67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82.exe	31
PID 2320 wrote to memory of 2516	2320	67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82.exe	31
PID 2320 wrote to memory of 2516	2320	67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82.exe	31

C:\Users\Admin\AppData\Local\Temp\67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82.exe
"C:\Users\Admin\AppData\Local\Temp\67ece3106f3e07ae7756b8e88e20b9ff59a5fc4ef253b07cd215085ff3adab82.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2320
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2320 -s 112
  2⤵
  - Program crash
  PID:2516

memory/2320-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download