Overview

overview

10

Static

static

PO.exe

windows7_x64

10

PO.exe

windows10-2004_x64

10

new PO.exe

windows7_x64

3

new PO.exe

windows10-2004_x64

3

req.exe

windows7_x64

3

req.exe

windows10-2004_x64

3

Analysis

  • max time kernel
    149s
  • max time network
    184s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    20-05-2022 22:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    new PO.exe

  • Size

    186KB

  • MD5

    07717e9884997d9f6a94216331598047

  • SHA1

    a720716cd3f7a44d8a8e9b669e053d98a44ae7a1

  • SHA256

    e68cce62fb85b2349c45eb042fa02fc55da099883441c1cd79bac8132680a09d

  • SHA512

    18a9d8d2a219232edb9de78522bda7b93966ad22521fb463837095f0bc8b15281d91ee44fe134c2651a68ef123e096309e2fd27927ba8fe0d1317434c4cc70e5

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\new PO.exe
    "C:\Users\Admin\AppData\Local\Temp\new PO.exe"
    1⤵
      PID:3796
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3796 -s 716
        2⤵
        • Program crash
        PID:3388
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 3796 -ip 3796
      1⤵
        PID:1324

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3796-130-0x00000000004C0000-0x00000000004F4000-memory.dmp
        Filesize

        208KB

        Download