9e803068b0df00f2681f79d31f27aee618cf65456aed57e3a8247995f4e2d4c0 | Triage

Analysis

max time kernel
1675s
max time network
1638s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
28-06-2022 16:46

Sharing

Report Analysis Logs

General

Target

9e803068b0df00f2681f79d31f27aee618cf65456aed57e3a8247995f4e2d4c0.exe
Size

262KB
MD5

dfbcb56267bde1b0c5cd2e891c5f1444
SHA1

12c74bdb6d04cd4d40f469ae7193e49f862a3aee
SHA256

9e803068b0df00f2681f79d31f27aee618cf65456aed57e3a8247995f4e2d4c0
SHA512

66075ff634d9d92db61c3f86a5147920ac8e4b325c48227a2a0e96d88c334668153cd963c34fa3a267ceab09c356e4d5551a7c7ecbe20a996979fe4ab4b5abf1

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4944 2296 WerFault.exe 9e803068b0df00f2681f79d31f27aee618cf65456aed57e3a8247995f4e2d4c0.exe

C:\Users\Admin\AppData\Local\Temp\9e803068b0df00f2681f79d31f27aee618cf65456aed57e3a8247995f4e2d4c0.exe
"C:\Users\Admin\AppData\Local\Temp\9e803068b0df00f2681f79d31f27aee618cf65456aed57e3a8247995f4e2d4c0.exe"
1⤵
PID:2296

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2296 -s 572
2⤵
- Program crash
PID:4944

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 2296 -ip 2296
1⤵
PID:4976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...