Analysis
max time kernel
82s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20220331-en
submitted
07-04-2022 23:42
Static task
static1
Behavioral task
behavioral1
Sample
1008-63-0x0000000000400000-0x0000000000438000-memory.exe
Resource
win7-20220331-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
1008-63-0x0000000000400000-0x0000000000438000-memory.exe
Resource
win10v2004-20220331-en
0 signatures
0 seconds
General
Target
1008-63-0x0000000000400000-0x0000000000438000-memory.exe
Size
224KB
MD5
147f219c90ef125ba40a8b28294b7340
SHA1
80ed8aa20af727ee5df148683e76afe748eda085
SHA256
525516dce347f76a6d758f303139bf4caa4cd9c6605864cbce5129cb23b6a8f9
SHA512
798885d0a23ebe8d054daadd528786e77e713e8ed38b78ab86489cfba6e85781c8499dac74ae51ceb7f19b7d7a846d40c2603fe3669f242a7c2c256ebda45959
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
pid   pid_target   Process        procid_target
848   1600         WerFault.exe   81
Processes
C:\Users\Admin\AppData\Local\Temp\1008-63-0x0000000000400000-0x0000000000438000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\1008-63-0x0000000000400000-0x0000000000438000-memory.exe"
1⤵ PID:1600
  C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1600 -s 84
  2⤵
  - Program crash
  PID:848
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 1600 -ip 1600
1⤵ PID:4116