3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0

Analysis

max time kernel
118s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
24-01-2025 04:24

Target

3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0.exe
Size

398KB
MD5

192c0f3794612cf752ed930733fd180d
SHA1

670548b82022aec5dd0eec246062dc6809877829
SHA256

3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0
SHA512

8c1a0b3f9d9ec3f48730858bb531b7de24422e484ea68ce6ba1f05193e1365c3a1bd5f324e7462d0ba5b4c5f7b40f039ea394e4a11e06c07137f4fb096412feb
SSDEEP

12288:EAmOeWHehSjfhiPsxOticWgeEqq1sdeYo5H:EAmQISbA0wicWR

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2688 wrote to memory of 2748	2688	3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0.exe	30
PID 2688 wrote to memory of 2748	2688	3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0.exe	30
PID 2688 wrote to memory of 2748	2688	3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0.exe	30

C:\Users\Admin\AppData\Local\Temp\3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0.exe
"C:\Users\Admin\AppData\Local\Temp\3793408bbbab2c267d648c1b228ddbf31f4cb4f730868fba25d883f156946cb0.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2688
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2688 -s 128
  2⤵
  PID:2748