93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5ef

Analysis

max time kernel
16s
max time network
16s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
07-11-2024 10:46

Target

93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5efN.exe
Size

697KB
MD5

a7fcf3bf4e4018a9e183899ce4f3c290
SHA1

411c5c79f1e264638fa250a734a2b85234af6682
SHA256

93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5ef
SHA512

ca24beebd1053e3f75670faab756a7c591783e3fe7ee8f8462cf01aafb394616d77bac4abf129800e804f70df74db41895ef06d9673a74f7c9ac28b6fbe46347
SSDEEP

6144:lbHgFf0cUDe7WkrqYMMH8xWioVHQv4nldFiN+ihcy5/gt+xZRtiKzvzaOV3YaX:lbHCfn6krqJMH8xWiEHQvoniNp5nIaX

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5efN.exe

description	pid	process	target process
PID 2584 wrote to memory of 2384	2584	93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5efN.exe	WerFault.exe
PID 2584 wrote to memory of 2384	2584	93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5efN.exe	WerFault.exe
PID 2584 wrote to memory of 2384	2584	93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5efN.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5efN.exe
"C:\Users\Admin\AppData\Local\Temp\93f29c55d8ee3df5ef213c64a473ed451cdd72dbacf2c6a3fd835a8b7c42f5efN.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2584
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2584 -s 76
  2⤵
  PID:2384