88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5a

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
18/10/2024, 01:48

Target

88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5aN.exe
Size

4.3MB
MD5

aafee29309cd19a7627a1019d07df2a0
SHA1

594d942ca231bcc00c1752edfe1df4fd80a73b4b
SHA256

88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5a
SHA512

da0463abcadd8a4cad4705c368983414c4bb15ddbc2f1e012e91b7c250026308458af0e57518b26deff5dbec86b77975121f63782f083fd0690ff54b2d58d4bb
SSDEEP

49152:xtY4be4yHQp0+6N/zdzQiHbTTOtjDvdpiryXkp8oL+bzxGMzvrT11:xVa/rytjpLT11

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2316 wrote to memory of 2168	2316	88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5aN.exe	31
PID 2316 wrote to memory of 2168	2316	88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5aN.exe	31
PID 2316 wrote to memory of 2168	2316	88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5aN.exe	31

C:\Users\Admin\AppData\Local\Temp\88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5aN.exe
"C:\Users\Admin\AppData\Local\Temp\88761b80a530df67c6638ddef0fbc56377fde75113c1f4f9f97fa92bd6604c5aN.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2316
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2316 -s 124
  2⤵
  PID:2168