Analysis
-
max time kernel
43s -
max time network
50s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
25-05-2022 18:45
Static task
static1
Behavioral task
behavioral1
Sample
FL Studio/FL Studio 3.2.0.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
-
Target
FL Studio/FL Studio 3.2.0.exe
-
Size
391.3MB
-
MD5
b0c5ae4dec5a28e5c27ee33e2e1ab240
-
SHA1
d84c677bbcc05a6d28001566196f43374dfec74e
-
SHA256
792ea90eb358df40c67fb494300cd97397375f7ec46ef6311cfff06f7fa58de0
-
SHA512
dbe14ada46abd5b86fcc54e828876410b1223682a832b091e3cca31d40269f06554c3e5ad7ce043ab231856f0ae0ff7d539d1f88cf0140062c186335e95f7e05
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 1036 624 WerFault.exe FL Studio 3.2.0.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
FL Studio 3.2.0.exedescription pid process target process PID 624 wrote to memory of 1036 624 FL Studio 3.2.0.exe WerFault.exe PID 624 wrote to memory of 1036 624 FL Studio 3.2.0.exe WerFault.exe PID 624 wrote to memory of 1036 624 FL Studio 3.2.0.exe WerFault.exe PID 624 wrote to memory of 1036 624 FL Studio 3.2.0.exe WerFault.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\FL Studio\FL Studio 3.2.0.exe"C:\Users\Admin\AppData\Local\Temp\FL Studio\FL Studio 3.2.0.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 624 -s 5482⤵
- Program crash