Analysis
-
max time kernel
45s -
max time network
49s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
10-06-2022 21:45
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220414-en
0 signatures
0 seconds
General
-
Target
tmp.exe
-
Size
1.8MB
-
MD5
0ab42dccaffb5ec1d149601908014b50
-
SHA1
434182962a57e9cc7aa4b242d901a098402b485e
-
SHA256
4980f397fa276495555867b7628497c7cba519309051cc1cb9b43c4270103316
-
SHA512
c5501b92dc64cc59e75d8ab52c5b186e86071405dde1784b2af2057e0b7a894607410c648dd1a1f7dfbe9a699ad8e427246afe016e35ee3732e96812c6e11e4c
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 1996 976 WerFault.exe tmp.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
tmp.exedescription pid process target process PID 976 wrote to memory of 1996 976 tmp.exe WerFault.exe PID 976 wrote to memory of 1996 976 tmp.exe WerFault.exe PID 976 wrote to memory of 1996 976 tmp.exe WerFault.exe PID 976 wrote to memory of 1996 976 tmp.exe WerFault.exe