Analysis
- max time kernel: 45s
- max time network: 49s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 20-05-2022 22:47
Static task: static1
Behavioral task: behavioral1 | Sample: PO.exe | Resource: win7-20220414-en
Behavioral task: behavioral2 | Sample: PO.exe | Resource: win10v2004-20220414-en
Behavioral task: behavioral3 | Sample: new PO.exe | Resource: win7-20220414-en
Behavioral task: behavioral4 | Sample: new PO.exe | Resource: win10v2004-20220414-en
Behavioral task: behavioral5 | Sample: req.exe | Resource: win7-20220414-en
Behavioral task: behavioral6 | Sample: req.exe | Resource: win10v2004-20220414-en
General
- Target: new PO.exe
- Size: 186KB
- MD5: 07717e9884997d9f6a94216331598047
- SHA1: a720716cd3f7a44d8a8e9b669e053d98a44ae7a1
- SHA256: e68cce62fb85b2349c45eb042fa02fc55da099883441c1cd79bac8132680a09d
- SHA512: 18a9d8d2a219232edb9de78522bda7b93966ad22521fb463837095f0bc8b15281d91ee44fe134c2651a68ef123e096309e2fd27927ba8fe0d1317434c4cc70e5
Malware Config
Signatures
- Program crash 1 IoCs
Processes: WerFault.exe
pid | pid_target | process | target process
1096 | 2028 | WerFault.exe | new PO.exe
- Suspicious use of WriteProcessMemory 4 IoCs
Processes: new PO.exe
description | pid | process | target process
PID 2028 wrote to memory of 1096 | 2028 | new PO.exe | WerFault.exe
PID 2028 wrote to memory of 1096 | 2028 | new PO.exe | WerFault.exe
PID 2028 wrote to memory of 1096 | 2028 | new PO.exe | WerFault.exe
PID 2028 wrote to memory of 1096 | 2028 | new PO.exe | WerFault.exe