29846c5b0359085d68e8dd6c395228e5f17e950619a745b72f2a6835964f4db1 | Triage

Analysis

max time kernel
90s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
20-05-2022 23:21

Sharing

Report Analysis Logs

General

Target

29846c5b0359085d68e8dd6c395228e5f17e950619a745b72f2a6835964f4db1.exe
Size

554KB
MD5

0fbcb5b55c5e2fb2b020d5cb7266ee69
SHA1

c4cf2886290641e7c00429c8d866de8eca642de5
SHA256

29846c5b0359085d68e8dd6c395228e5f17e950619a745b72f2a6835964f4db1
SHA512

b986e10ea0a67db49eab5d443de76ba64a1071c5f10e432b4d43c4619d4f63f8316582bc7d5238ef00526019af1d4218424b3b9613e5bf6fbc8f7316e2019654

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

3068 1792 WerFault.exe 29846c5b0359085d68e8dd6c395228e5f17e950619a745b72f2a6835964f4db1.exe

C:\Users\Admin\AppData\Local\Temp\29846c5b0359085d68e8dd6c395228e5f17e950619a745b72f2a6835964f4db1.exe
"C:\Users\Admin\AppData\Local\Temp\29846c5b0359085d68e8dd6c395228e5f17e950619a745b72f2a6835964f4db1.exe"
1⤵
PID:1792

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1792 -s 284
2⤵
- Program crash
PID:3068

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1792 -ip 1792
1⤵
PID:548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...