8a2e5e073d34f4fb7cda2040d30e23d60cb675b71120e0e2c39838015c66f306

Analysis

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
05/08/2024, 11:01

Target

WaveKeyGen/obj/Debug/net8.0/WaveKeyGen.exe
Size

25KB
MD5

94b21b9808e8dc5f74195f4caa75c450
SHA1

eef369d47174c6508cfdb024adc9f70ccc99411c
SHA256

bca32ed5b312f35517766d358a8d1955b2edf209b02ee521ac2f9884757e5bb2
SHA512

bb7cd1677684df10817a4b318cdabe1a8cd1fd8d2db346870f812d1f57953f2e0db154397d26be883ab90c66886f437d7bf5e53fc0a66ddb6071dd62cb5d1989
SSDEEP

384:ERO4SvKNTCECTB+uJJrr8tL/cXqJYS7GQ/eHbfEkw04XQlhVlxWZL:EkXvKNWE6+u4Fc3Pb1m9

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2336 wrote to memory of 2308	2336	WaveKeyGen.exe	31
PID 2336 wrote to memory of 2308	2336	WaveKeyGen.exe	31
PID 2336 wrote to memory of 2308	2336	WaveKeyGen.exe	31

C:\Users\Admin\AppData\Local\Temp\WaveKeyGen\obj\Debug\net8.0\WaveKeyGen.exe
"C:\Users\Admin\AppData\Local\Temp\WaveKeyGen\obj\Debug\net8.0\WaveKeyGen.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2336
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2336 -s 496
  2⤵
  PID:2308

memory/2336-0-0x000007FEF5E23000-0x000007FEF5E24000-memory.dmp

Filesize
4KB

Download
memory/2336-1-0x0000000000800000-0x000000000080C000-memory.dmp

Filesize
48KB

Download
memory/2336-2-0x000007FEF5E23000-0x000007FEF5E24000-memory.dmp

Filesize
4KB

Download