c3cfa1cfea546f700eba11012336ad553901153b634aca49ea304a12874f042d | Triage

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
06/05/2022, 08:28

Sharing

Report Analysis Logs

General

Target

1092-54-0x0000000000400000-0x000000000043D000-memory.exe
Size

244KB
MD5

c160509650284e5169a4de9f99d2681c
SHA1

d468f30393da4b322886c80cf622ba6a1cca05bf
SHA256

c3cfa1cfea546f700eba11012336ad553901153b634aca49ea304a12874f042d
SHA512

199ef6d52513310447972f6b6892cdb358c4fc5ce14b4dc89fa66578031c0a0b88421acaacff2bda5c83fd7d60243c0a17fb5ea2362499ae1291e9028196bc02

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1536	1108	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\1092-54-0x0000000000400000-0x000000000043D000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\1092-54-0x0000000000400000-0x000000000043D000-memory.exe"
1⤵
PID:1108
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1108 -s 216
  2⤵
  - Program crash
  PID:1536

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 1108 -ip 1108
1⤵
PID:1188

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s camsvc
1⤵
PID:2508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1108-130-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download