f4461e8b0f3831b6ee77d57f52dd74f28e79114bc5bb29d6b7ab5ca3adbf27f6 | Triage

Analysis

max time kernel
158s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
14-05-2022 13:50

Sharing

Report Analysis Logs

General

Target

f4461e8b0f3831b6ee77d57f52dd74f28e79114bc5bb29d6b7ab5ca3adbf27f6.exe
Size

367KB
MD5

e426c21445dae36d36bb5d1cfe9d383b
SHA1

bfc79210d073fdb6511bdf6a0b519cc29cebbc3b
SHA256

f4461e8b0f3831b6ee77d57f52dd74f28e79114bc5bb29d6b7ab5ca3adbf27f6
SHA512

096d36231581a894d5e9a07bb8fbe6ba483b92545a32040d448519c7b0de417bce836a1c817dd0ddf5bb98483a4c17dd3013674b6275ffacdfa2155ab32ef3a0

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1804 4408 WerFault.exe f4461e8b0f3831b6ee77d57f52dd74f28e79114bc5bb29d6b7ab5ca3adbf27f6.exe

C:\Users\Admin\AppData\Local\Temp\f4461e8b0f3831b6ee77d57f52dd74f28e79114bc5bb29d6b7ab5ca3adbf27f6.exe
"C:\Users\Admin\AppData\Local\Temp\f4461e8b0f3831b6ee77d57f52dd74f28e79114bc5bb29d6b7ab5ca3adbf27f6.exe"
1⤵
PID:4408

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 4408 -s 976
2⤵
- Program crash
PID:1804

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 408 -p 4408 -ip 4408
1⤵
PID:2440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4408-130-0x0000020D863F0000-0x0000020D86454000-memory.dmp

Filesize
400KB

Download
memory/4408-131-0x00007FFA8D110000-0x00007FFA8DBD1000-memory.dmp

Filesize
10.8MB

Download