Analysis
-
max time kernel
40s -
max time network
44s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
18-06-2022 15:41
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
-
Target
tmp.exe
-
Size
1.6MB
-
MD5
52da53b1c61bf409b32f845f3806479a
-
SHA1
4e4120c159b2ff506c8719332dc38298ac092659
-
SHA256
5897858ea935658dd34bc4ef2692d4694eea6be164a9d8566b55c769dae2c8bc
-
SHA512
3a1ffa7db0f5b90deccbf9f84033e19ed43f9d28006f40c2c8d1cbe7c337f6fd458c966bef0b29c8f1cde725d1e1abfecb65c00b5ae6f908dcb33ecb83c7dbca
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 960 1640 WerFault.exe tmp.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
tmp.exedescription pid process target process PID 1640 wrote to memory of 960 1640 tmp.exe WerFault.exe PID 1640 wrote to memory of 960 1640 tmp.exe WerFault.exe PID 1640 wrote to memory of 960 1640 tmp.exe WerFault.exe PID 1640 wrote to memory of 960 1640 tmp.exe WerFault.exe