bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
12-07-2024 00:05

Target

bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6.exe
Size

6KB
MD5

64aba4c58a6450bba30d3d3a0d9f9c4b
SHA1

9f63a4f66dc8e75a347133ef117c3e949ca03a86
SHA256

bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6
SHA512

79032dadecb6d9727892d3701222a551972da45015474ce71c382bbb6ea04dd0beef00a54d89b41a4da69b506c696308d1a644c7f49845bc6ae69f2a1dd15ba2
SSDEEP

48:SVtbt0S4FVgCp471Ib4Fc/38+N7DYocHa23WlTpebVetFygFI5a2oxdVoZiG/9uR:Od0mIGnFc/38+N4ZHJWSY9FI5WqLx

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2312 wrote to memory of 2768	2312	bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6.exe	30
PID 2312 wrote to memory of 2768	2312	bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6.exe	30
PID 2312 wrote to memory of 2768	2312	bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6.exe	30

C:\Users\Admin\AppData\Local\Temp\bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6.exe
"C:\Users\Admin\AppData\Local\Temp\bbb8728846a7ef893dc40d320a0560290e9dfb0255a952a064901a69dc90c3c6.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2312
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2312 -s 32
  2⤵
  PID:2768