809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
11-07-2024 01:00

Target

809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442.exe
Size

223KB
MD5

5c68f548bed2d865daeefb1708493351
SHA1

b99b5482bf003efc9729d3f291e1700a1c268741
SHA256

809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442
SHA512

fc7b6a6e46c4fcf7dc55800df3610b7900cf9ff4edd7ebcaa696b64bc2da291669abf67292890e4555b225261d8cf488037e85e8096f5ecbf77571258b1b7a6a
SSDEEP

1536:jPETvxZODI/y64HbnYLYLBPsM8mb8QsnGU3bsOlI/AZ5lfr/30Qh2RApO+T3QvNa:IvxAR77ELmb8QMGUrsOlEQh2n83QVa

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2236 wrote to memory of 2736	2236	809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442.exe	31
PID 2236 wrote to memory of 2736	2236	809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442.exe	31
PID 2236 wrote to memory of 2736	2236	809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442.exe	31

C:\Users\Admin\AppData\Local\Temp\809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442.exe
"C:\Users\Admin\AppData\Local\Temp\809ceafd55fe53b235db101586bf5cb5a4ccbc4815175cf0f89c2f228f5eb442.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2236
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2236 -s 544
  2⤵
  PID:2736

memory/2236-0-0x000007FEF53D3000-0x000007FEF53D4000-memory.dmp

Filesize
4KB

Download
memory/2236-1-0x0000000000BC0000-0x0000000000BFC000-memory.dmp

Filesize
240KB

Download
memory/2236-2-0x000007FEF53D3000-0x000007FEF53D4000-memory.dmp

Filesize
4KB

Download