35dca4e9558e6f603aaad3c31b87b4f629fb64ac0ceb04ad40cda36e327f005d | Triage

Analysis

max time kernel
90s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
26-06-2022 22:50

Sharing

Report Analysis Logs

General

Target

35dca4e9558e6f603aaad3c31b87b4f629fb64ac0ceb04ad40cda36e327f005d.exe
Size

336KB
MD5

7ba5c258ad55f9c3ad3b568041526093
SHA1

5991df05d2d62fb089e9e02d7e9f89cfeef3efc0
SHA256

35dca4e9558e6f603aaad3c31b87b4f629fb64ac0ceb04ad40cda36e327f005d
SHA512

c3d2e5d9ddd315863842aeefe7f7f8c87b70569ec3ecc0012f66cab78f241fcc27836b28bb7ef643e01cf2bb3e17c9f9648ca7b606f09a6b60faa6d98fc43f08

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid	pid_target	Process	procid_target
1820	4284	WerFault.exe	82

C:\Users\Admin\AppData\Local\Temp\35dca4e9558e6f603aaad3c31b87b4f629fb64ac0ceb04ad40cda36e327f005d.exe
"C:\Users\Admin\AppData\Local\Temp\35dca4e9558e6f603aaad3c31b87b4f629fb64ac0ceb04ad40cda36e327f005d.exe"
1⤵
PID:4284
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4284 -s 324
  2⤵
  - Program crash
  PID:1820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 4284 -ip 4284
1⤵
PID:4496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4284-130-0x0000000002270000-0x000000000229F000-memory.dmp

Filesize
188KB

Download