92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2

Analysis

max time kernel
22s
max time network
16s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
10-10-2024 02:42

Target

92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2N.exe
Size

1.7MB
MD5

27b360b2dfc1dc9f768a9926dbb0c520
SHA1

cf38d9ea51288e5d7a7678dc5c2af374c9308a5d
SHA256

92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2
SHA512

aa0292f595b32fd89573fcfb1ccb3972e2e6e1d532e0356d50d09efb68582e02eacc75419bcd33e2f59e7b5b1e8f90b5485698177b40a15fdfcc8cc61a7227ff
SSDEEP

49152:ebo95a6iGYZZ3ZQ/TofdJ0C2qJ8+eDZuEAI2CKEKwIR:0zqTofdJ1FDelAI2CKED

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2484 wrote to memory of 2708	2484	92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2N.exe	30
PID 2484 wrote to memory of 2708	2484	92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2N.exe	30
PID 2484 wrote to memory of 2708	2484	92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2N.exe	30

C:\Users\Admin\AppData\Local\Temp\92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2N.exe
"C:\Users\Admin\AppData\Local\Temp\92926adf402368d754fd1eabf96adbc526e791a2aa6da3c63d0b9e9db91212a2N.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2484
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2484 -s 28
  2⤵
  PID:2708

memory/2484-0-0x000000013FC80000-0x000000013FE35000-memory.dmp

Filesize
1.7MB

Download