bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19a

Analysis

max time kernel
15s
max time network
16s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
05/11/2024, 06:22

Target

bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19aN.exe
Size

697KB
MD5

d5052e21ebd237b214e9319dae858570
SHA1

25de69f36d7124a554cf569b45c5bb412fba1862
SHA256

bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19a
SHA512

17c7a11caefcd958f49cd67551022d16a72192f0ea035d0345ea527346093acdc9a77ec453b511a3e97c7790251bf178b4eb58a764fbefd79298ef5d52de4c30
SSDEEP

6144:lbHgFf0cUDe7WkrqYMMH8xWioVHQv4nldFiN+ihcy5/gt+xZRtiKzvzaOV3Ya9:lbHCfn6krqJMH8xWiEHQvoniNp5nIa9

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1732 wrote to memory of 1736	1732	bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19aN.exe	30
PID 1732 wrote to memory of 1736	1732	bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19aN.exe	30
PID 1732 wrote to memory of 1736	1732	bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19aN.exe	30

C:\Users\Admin\AppData\Local\Temp\bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19aN.exe
"C:\Users\Admin\AppData\Local\Temp\bc17ce215114a2fb83c7a1acfb626b9e12ff5e5c5809447fdc0343fa9ce2a19aN.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1732
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1732 -s 76
  2⤵
  PID:1736