Analysis
max time kernel: 42s
max time network: 45s
platform: windows7_x64
resource: win7-20220414-en
submitted: 09-06-2022 23:45
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Variant.Tedy.121179.3350.exe
Resource: win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: SecuriteInfo.com.Variant.Tedy.121179.3350.exe
Size: 800KB
MD5
7a77347dc5352b72b152a18db47580fd
SHA1
2dcc70d8e6ac88a030850543374a6e5baa256db2
SHA256
fd0acf8857407d61d176810f5d57f5fa93d4f018300ade165716eb0d38dbaf20
SHA512
65ae1783fc8950627cdb3ebecfe2435986707580b0d1d27b2a12c43d5983336fa36c105e5368740d9cad97e48cb4bec6cfa15d597550d9a1e5154050675a78c9
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes:
WerFault.exe
pid | pid_target | process | target process
2036 | 664 | WerFault.exe | SecuriteInfo.com.Variant.Tedy.121179.3350.exe
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
SecuriteInfo.com.Variant.Tedy.121179.3350.exe
description | pid | process | target process
PID 664 wrote to memory of 2036 | 664 | SecuriteInfo.com.Variant.Tedy.121179.3350.exe | WerFault.exe
PID 664 wrote to memory of 2036 | 664 | SecuriteInfo.com.Variant.Tedy.121179.3350.exe | WerFault.exe
PID 664 wrote to memory of 2036 | 664 | SecuriteInfo.com.Variant.Tedy.121179.3350.exe | WerFault.exe
PID 664 wrote to memory of 2036 | 664 | SecuriteInfo.com.Variant.Tedy.121179.3350.exe | WerFault.exe
Processes
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Tedy.121179.3350.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Variant.Tedy.121179.3350.exe"
- Suspicious use of WriteProcessMemory
  C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 664 -s 584
  - Program crash