16c2bfc8a95cd2996a5169d3fe441f6a8ac0d8fcf4c5562b6de6e68dac3ae35f | Triage

Analysis

max time kernel
155s
max time network
169s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
08-06-2022 23:21

Sharing

Report Analysis Logs

General

Target

16c2bfc8a95cd2996a5169d3fe441f6a8ac0d8fcf4c5562b6de6e68dac3ae35f.exe
Size

493KB
MD5

7e12831b97ad63445fc0e9173b98b4b0
SHA1

36adafaafea6740027beef8d8f6d762ede47203d
SHA256

16c2bfc8a95cd2996a5169d3fe441f6a8ac0d8fcf4c5562b6de6e68dac3ae35f
SHA512

44d6f4d58712f45838627cc8bde00e63b52d9c2bc9bc45ffa6963725f6b26ab307e61d40c469bc10a657d84137e62ad8ee861744f0208ba0bdef9d8f2bd97f9f

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

3988 2820 WerFault.exe 16c2bfc8a95cd2996a5169d3fe441f6a8ac0d8fcf4c5562b6de6e68dac3ae35f.exe

C:\Users\Admin\AppData\Local\Temp\16c2bfc8a95cd2996a5169d3fe441f6a8ac0d8fcf4c5562b6de6e68dac3ae35f.exe
"C:\Users\Admin\AppData\Local\Temp\16c2bfc8a95cd2996a5169d3fe441f6a8ac0d8fcf4c5562b6de6e68dac3ae35f.exe"
1⤵
PID:2820
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2820 -s 312
  2⤵
  - Program crash
  PID:3988

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2820 -ip 2820
1⤵
PID:3268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2820-130-0x0000000002240000-0x000000000229C000-memory.dmp

Filesize
368KB

Download