400f92b2e80249729245a46a3909de908d65658dae2fb3987bb41aee94cd95f9

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21-09-2024 04:53

Target

SynapseXRemake.exe
Size

1.3MB
MD5

dfb4fdd951724d89d2d98823ec520a29
SHA1

efcad7bcdb3aebb1077b3958560c46722157ee98
SHA256

400f92b2e80249729245a46a3909de908d65658dae2fb3987bb41aee94cd95f9
SHA512

26b1def0330430fbc207cca5d3d122f17595928dd9713d7485d4190c207da4db75b8bb7fe89e1dbd5eda9e9e915f4e93427a2a55b481ce3713e91c23cd77f145
SSDEEP

24576:Wdvfr3+FNSKyxtixzcOcnlDh7wOlWKlrX8LtK/uJWy:mXD+hyxkxzilFz1T8MGJ

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3036 wrote to memory of 2020	3036	SynapseXRemake.exe	30
PID 3036 wrote to memory of 2020	3036	SynapseXRemake.exe	30
PID 3036 wrote to memory of 2020	3036	SynapseXRemake.exe	30

C:\Users\Admin\AppData\Local\Temp\SynapseXRemake.exe
"C:\Users\Admin\AppData\Local\Temp\SynapseXRemake.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3036
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 3036 -s 832
  2⤵
  PID:2020

memory/3036-0-0x000007FEF5BB3000-0x000007FEF5BB4000-memory.dmp

Filesize
4KB

Download
memory/3036-1-0x000000013FCC0000-0x000000013FE14000-memory.dmp

Filesize
1.3MB

Download
memory/3036-2-0x000000001BFC0000-0x000000001C0F2000-memory.dmp

Filesize
1.2MB

Download
memory/3036-3-0x000007FEF5BB0000-0x000007FEF659C000-memory.dmp

Filesize
9.9MB

Download
memory/3036-5-0x00000000006F0000-0x00000000006FA000-memory.dmp

Filesize
40KB

Download
memory/3036-4-0x00000000006F0000-0x00000000006FA000-memory.dmp

Filesize
40KB

Download
memory/3036-6-0x000007FEF5BB0000-0x000007FEF659C000-memory.dmp

Filesize
9.9MB

Download
memory/3036-7-0x000007FEF5BB0000-0x000007FEF659C000-memory.dmp

Filesize
9.9MB

Download