1abc715bfabb0e620ad3c05ea20c9b1afb3098f9aec960f04645316b35881e6f | Triage

Analysis

max time kernel
185s
max time network
193s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
07-06-2022 22:04

Sharing

Report Analysis Logs

General

Target

1abc715bfabb0e620ad3c05ea20c9b1afb3098f9aec960f04645316b35881e6f.exe
Size

72KB
MD5

84d1eb28d40380cc753235d01c67b89d
SHA1

34f176e92c8a4fa5ed6e7a85f69899f376f1f6f5
SHA256

1abc715bfabb0e620ad3c05ea20c9b1afb3098f9aec960f04645316b35881e6f
SHA512

f274fe1a6bf3b7c18d0db8d25a724b5251429ccbac79999a888652a5f4bfee9184468eb7ccff5acf8f7d3ecae2ddc45b94460dcd7e175e8845754efd5024f368

Score

3^/10

Malware Config

Signatures

Program crash 2 IoCs

Processes:

WerFault.exeWerFault.exe

pid	pid_target	process	target process
4396	3472	WerFault.exe	1abc715bfabb0e620ad3c05ea20c9b1afb3098f9aec960f04645316b35881e6f.exe
1796	3472	WerFault.exe	1abc715bfabb0e620ad3c05ea20c9b1afb3098f9aec960f04645316b35881e6f.exe

C:\Users\Admin\AppData\Local\Temp\1abc715bfabb0e620ad3c05ea20c9b1afb3098f9aec960f04645316b35881e6f.exe
"C:\Users\Admin\AppData\Local\Temp\1abc715bfabb0e620ad3c05ea20c9b1afb3098f9aec960f04645316b35881e6f.exe"
1⤵
PID:3472

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3472 -s 260
2⤵
- Program crash
PID:4396

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3472 -s 280
2⤵
- Program crash
PID:1796

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3472 -ip 3472
1⤵
PID:2984

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3472 -ip 3472
1⤵
PID:4912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...