Analysis
-
max time kernel
43s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
06-05-2022 14:34
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220414-en
0 signatures
0 seconds
General
-
Target
tmp.exe
-
Size
1.1MB
-
MD5
f2b83c2075be8c51ada1ac1b2366095e
-
SHA1
f1dbf47b7e225bd92bd8d1a14ea832117f7c1037
-
SHA256
dbdd02d3fc196dd03b6f970e8bb08d82896d35b72878c09daa0ab36efcb19cf0
-
SHA512
7fdaf5cb281658bd7a8e4088ec8609a3bdd0b07bd029cb8390c9ff3823c854d2d51462bfc4bca8cf2af709e1986ee9eaec33c0be4ca68c759e631e31d85470fe
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2028 388 WerFault.exe tmp.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
tmp.exedescription pid process target process PID 388 wrote to memory of 2028 388 tmp.exe WerFault.exe PID 388 wrote to memory of 2028 388 tmp.exe WerFault.exe PID 388 wrote to memory of 2028 388 tmp.exe WerFault.exe PID 388 wrote to memory of 2028 388 tmp.exe WerFault.exe