355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0

Analysis

max time kernel
75s
max time network
17s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
12/01/2025, 15:30

Target

355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0.exe
Size

669KB
MD5

8eeef8d5df68439bf5e651c5f3ef97b6
SHA1

9de0e201ec988436bb040a5248156f01ffcc8cdf
SHA256

355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0
SHA512

f9d40dab4d111aa4137e7f0307e2eeda02abae5ee42ec8cf5251d34c85baeac87e531bdf5d59d85dbbf1a1daf8fdf28ac1c059ca6ce23c8567385d4b879fdc0b
SSDEEP

6144:xwrGnfIRzRSPpwMHjH4ZGL3O0b83ii96AMaJB8udk4+xZRtiKzvzaOLVYJ:xAGwtRSPuMHjH0GL3OB3x6Faa6J

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1576 wrote to memory of 2284	1576	355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0.exe	31
PID 1576 wrote to memory of 2284	1576	355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0.exe	31
PID 1576 wrote to memory of 2284	1576	355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0.exe	31

C:\Users\Admin\AppData\Local\Temp\355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0.exe
"C:\Users\Admin\AppData\Local\Temp\355102e7b9e28cfe2160f9150a068e101eabe9985a959332c8c32095681c2ee0.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1576
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1576 -s 76
  2⤵
  PID:2284