Analysis
max time kernel: 40s
max time network: 48s
platform: windows7_x64
resource: win7-20220414-en
submitted: 20-05-2022 22:47
Static task: static1
Behavioral task: behavioral1 (Sample: PO.exe, Resource: win7-20220414-en)
Behavioral task: behavioral2 (Sample: PO.exe, Resource: win10v2004-20220414-en)
Behavioral task: behavioral3 (Sample: new PO.exe, Resource: win7-20220414-en)
Behavioral task: behavioral4 (Sample: new PO.exe, Resource: win10v2004-20220414-en)
Behavioral task: behavioral5 (Sample: req.exe, Resource: win7-20220414-en)
Behavioral task: behavioral6 (Sample: req.exe, Resource: win10v2004-20220414-en)
General
Target: req.exe
Size: 194KB
MD5: 5c0efa906b43ad42826a5fa894fa8b95
SHA1: f08ee13771c5608b7e18087b8e3ffd2076a114e8
SHA256: 347be975b764b78ec7860ee7c61c443fb63d6d330e7897acb8ac701cf37bb685
SHA512: 82bcf52a00ddbaba072064aaacd95df401675f28cc0844a15d316047cc4788ed7d6335397dccf8b5f4da78e3acd24d24a7ccb188941ecb1c854ff681c8ca8792
Malware Config
Signatures
Program crash 1 IoCs
Processes: WerFault.exe
pid | pid_target | process | target process
1944 | 892 | WerFault.exe | req.exe
Suspicious use of WriteProcessMemory 4 IoCs
Processes: req.exe
description | pid | process | target process
PID 892 wrote to memory of 1944 | 892 | req.exe | WerFault.exe
PID 892 wrote to memory of 1944 | 892 | req.exe | WerFault.exe
PID 892 wrote to memory of 1944 | 892 | req.exe | WerFault.exe
PID 892 wrote to memory of 1944 | 892 | req.exe | WerFault.exe