24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11d

Analysis

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
02-11-2024 19:42

Target

24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11dN.exe
Size

731KB
MD5

7394ad7246b976beb233151fd31238b0
SHA1

bb3e79b47ddf885aecfcd31a325e35df897dc166
SHA256

24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11d
SHA512

72ff46d7e14a6e22fd96fba82e6af3d0c5ce571f44b3b98cae3347a6b40ae03cad1b4a41a0838e16860b21e7351e90963382973525c2357a4b118b6154c57dea
SSDEEP

6144:Fp19SmYRZbsuSBs3ojpe6aABlwZFsr5pOGJr3eRqk3tJc+xZRtiKzvzaOKIeM87M:Fp1EPZbsu2s3ojpe6aeSg3DeRqkUWn

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11dN.exe

description	pid	process	target process
PID 2428 wrote to memory of 2080	2428	24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11dN.exe	WerFault.exe
PID 2428 wrote to memory of 2080	2428	24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11dN.exe	WerFault.exe
PID 2428 wrote to memory of 2080	2428	24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11dN.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11dN.exe
"C:\Users\Admin\AppData\Local\Temp\24ffa21d8cb7971b715f456da5fe033295acc4ad136d410574107fcf626ce11dN.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2428
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2428 -s 76
  2⤵
  PID:2080