Analysis
-
max time kernel
36s -
max time network
44s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
19-06-2022 19:06
General
-
Target
350a594c4295d9108753f28159e65d192256b74968b087b90cb2ec091cfa2ad2.exe
-
Size
288KB
-
MD5
49c14162f3ee193af91eadadcca62016
-
SHA1
c45b24e9807486083c6a9f38a0ef9cfe4b75663b
-
SHA256
350a594c4295d9108753f28159e65d192256b74968b087b90cb2ec091cfa2ad2
-
SHA512
92ed684d0f88a131e8a9daa0f410a32b87f1748947fa8b7a3eda1cb953d2bb60c0e9c96933e9fa663916258cddc57a294dc0c436a9270318fe4fd6ac3de5ac5d
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\350a594c4295d9108753f28159e65d192256b74968b087b90cb2ec091cfa2ad2.exe"C:\Users\Admin\AppData\Local\Temp\350a594c4295d9108753f28159e65d192256b74968b087b90cb2ec091cfa2ad2.exe"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1880 -s 3602⤵
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1552-60-0x0000000000000000-mapping.dmp
-
memory/1880-56-0x0000000003451000-0x0000000003456000-memory.dmpFilesize
20KB
-
memory/1880-57-0x00000000758D1000-0x00000000758D3000-memory.dmpFilesize
8KB
-
memory/1880-58-0x00000000002D0000-0x00000000002DA000-memory.dmpFilesize
40KB
-
memory/1880-59-0x00000000002D0000-0x00000000002DA000-memory.dmpFilesize
40KB
-
memory/1880-61-0x00000000002D0000-0x00000000002DA000-memory.dmpFilesize
40KB