0f888907403ebaee309e7927c72e5ebd6aca817209fd1a5a8ceaa0b028116fcd | Triage

Analysis

max time kernel
143s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
20-05-2022 22:47

Sharing

Report Analysis Logs

General

Target

req.exe
Size

194KB
MD5

5c0efa906b43ad42826a5fa894fa8b95
SHA1

f08ee13771c5608b7e18087b8e3ffd2076a114e8
SHA256

347be975b764b78ec7860ee7c61c443fb63d6d330e7897acb8ac701cf37bb685
SHA512

82bcf52a00ddbaba072064aaacd95df401675f28cc0844a15d316047cc4788ed7d6335397dccf8b5f4da78e3acd24d24a7ccb188941ecb1c854ff681c8ca8792

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1044 1860 WerFault.exe req.exe

C:\Users\Admin\AppData\Local\Temp\req.exe
"C:\Users\Admin\AppData\Local\Temp\req.exe"
1⤵
PID:1860

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1860 -s 808
2⤵
- Program crash
PID:1044

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1860 -ip 1860
1⤵
PID:1576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1860-130-0x00000000003E0000-0x0000000000416000-memory.dmp

Filesize
216KB

Download
memory/1860-131-0x0000000004DE0000-0x0000000004E7C000-memory.dmp

Filesize
624KB

Download