68e3b6540756c5a5497691b297a562f28bc7bea4bec9bcba354539b231750af9 | Triage

Analysis

max time kernel
142s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
12-06-2022 09:47

Sharing

Report Analysis Logs

General

Target

68e3b6540756c5a5497691b297a562f28bc7bea4bec9bcba354539b231750af9.exe
Size

72KB
MD5

210d7ccfcf74c556f4605e4787b45756
SHA1

98fc88d4ce80b32735df1ea9c2073bd8ab5cea00
SHA256

68e3b6540756c5a5497691b297a562f28bc7bea4bec9bcba354539b231750af9
SHA512

a9dd11c938597d747971d209573086e431ae7b41001ef1c15e4b88f74b5837a9f07d6ae33e52c39620ea84dddf3385d51ccac237ee8ac8b2210b6942a89b7eb0

Score

3^/10

Malware Config

Signatures

Program crash 2 IoCs

Processes:

WerFault.exeWerFault.exe

pid	pid_target	process	target process
3664	2576	WerFault.exe	68e3b6540756c5a5497691b297a562f28bc7bea4bec9bcba354539b231750af9.exe
2060	2576	WerFault.exe	68e3b6540756c5a5497691b297a562f28bc7bea4bec9bcba354539b231750af9.exe

C:\Users\Admin\AppData\Local\Temp\68e3b6540756c5a5497691b297a562f28bc7bea4bec9bcba354539b231750af9.exe
"C:\Users\Admin\AppData\Local\Temp\68e3b6540756c5a5497691b297a562f28bc7bea4bec9bcba354539b231750af9.exe"
1⤵
PID:2576

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2576 -s 268
2⤵
- Program crash
PID:3664

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2576 -s 260
2⤵
- Program crash
PID:2060

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 2576 -ip 2576
1⤵
PID:2944

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 2576 -ip 2576
1⤵
PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...