c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853

Analysis

max time kernel
82s
max time network
22s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
05/12/2024, 10:13

Target

c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853N.exe
Size

669KB
MD5

906a57f85e076808a1664434ec0525a0
SHA1

b24bdb52d6012608c6fc171e43a38cae3975e7c3
SHA256

c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853
SHA512

2608729f1e6a527f320a589b44ee8efc82cf18097e7010180f932f36a0c8413abec88023ae820d1fb0a6a0d9911a85e68e231b86d205b855be6104b5b56acf3d
SSDEEP

6144:xwrGnfIRzRSPpwMHjH4ZGL3O0b83ii96AMaJB8udk4+xZRtiKzvzaOLVYh:xAGwtRSPuMHjH0GL3OB3x6Faa6h

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2716 wrote to memory of 2056	2716	c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853N.exe	30
PID 2716 wrote to memory of 2056	2716	c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853N.exe	30
PID 2716 wrote to memory of 2056	2716	c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853N.exe	30

C:\Users\Admin\AppData\Local\Temp\c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853N.exe
"C:\Users\Admin\AppData\Local\Temp\c6ecd79f0c48d4f7416bc72b5e31edc8b0b2dfa2443b84a5bee88ee84a900853N.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2716
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2716 -s 76
  2⤵
  PID:2056