Analysis
-
max time kernel
35s -
max time network
42s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
26-06-2022 06:12
Static task
static1
Behavioral task
behavioral1
Sample
vbc.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
-
Target
vbc.exe
-
Size
1.6MB
-
MD5
52da53b1c61bf409b32f845f3806479a
-
SHA1
4e4120c159b2ff506c8719332dc38298ac092659
-
SHA256
5897858ea935658dd34bc4ef2692d4694eea6be164a9d8566b55c769dae2c8bc
-
SHA512
3a1ffa7db0f5b90deccbf9f84033e19ed43f9d28006f40c2c8d1cbe7c337f6fd458c966bef0b29c8f1cde725d1e1abfecb65c00b5ae6f908dcb33ecb83c7dbca
Score
7/10
Malware Config
Signatures
-
Uses the VBS compiler for execution 1 TTPs
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 1536 1884 WerFault.exe vbc.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
vbc.exedescription pid process target process PID 1884 wrote to memory of 1536 1884 vbc.exe WerFault.exe PID 1884 wrote to memory of 1536 1884 vbc.exe WerFault.exe PID 1884 wrote to memory of 1536 1884 vbc.exe WerFault.exe PID 1884 wrote to memory of 1536 1884 vbc.exe WerFault.exe