Analysis
- max time kernel: 42s
- max time network: 49s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 20-05-2022 23:50
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Variant.Tedy.122593.7296.exe
Resource
win7-20220414-en
0 signatures
0 seconds
General
- Target: SecuriteInfo.com.Variant.Tedy.122593.7296.exe
- Size: 1.0MB
- MD5: a3f9db216c595bbb5081ad0430248975
- SHA1: e06a7da7340e4e27d9737e58554ab4419116a0e2
- SHA256: 647c540fe4c9f3dc5a06c978ff0644905b07a53517e637f674a089f866a135d0
- SHA512: 3a6eb7aac3afed0438d1005f4534cc9a45b6697b8c0c266d1fae1b32cf84cd15726a005fc707ff2500f8b2bc045ea7ec20c715efeb4211e6b4b33d6c1afa56a5
Score
3/10
Malware Config
Signatures
- Program crash (1 IoCs)

Processes: WerFault.exe

| pid | pid_target | process | target process |
| --- | --- | --- | --- |
| 1164 | 1044 | WerFault.exe | SecuriteInfo.com.Variant.Tedy.122593.7296.exe |

- Suspicious use of WriteProcessMemory (4 IoCs)

Processes: SecuriteInfo.com.Variant.Tedy.122593.7296.exe

| description | pid | process | target process |
| --- | --- | --- | --- |
| PID 1044 wrote to memory of 1164 | 1044 | SecuriteInfo.com.Variant.Tedy.122593.7296.exe | WerFault.exe |
| PID 1044 wrote to memory of 1164 | 1044 | SecuriteInfo.com.Variant.Tedy.122593.7296.exe | WerFault.exe |
| PID 1044 wrote to memory of 1164 | 1044 | SecuriteInfo.com.Variant.Tedy.122593.7296.exe | WerFault.exe |
| PID 1044 wrote to memory of 1164 | 1044 | SecuriteInfo.com.Variant.Tedy.122593.7296.exe | WerFault.exe |
Processes
- C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Tedy.122593.7296.exe
  "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Tedy.122593.7296.exe"
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1044 -s 548
    - Program crash