58e8954e667018cec0259cbcb2f7d577636c6c2a54bf9d7c750506980ceb19da | Triage

Analysis

max time kernel
91s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
29-06-2022 23:16

Sharing

Report Analysis Logs

General

Target

952-223-0x0000000000400000-0x0000000000A0C000-memory.exe
Size

6.0MB
MD5

e15e04cd9c5771d2843e0cc3f0dc97e0
SHA1

60e82b1325110c00c7d86e7383be12ade0723c7b
SHA256

58e8954e667018cec0259cbcb2f7d577636c6c2a54bf9d7c750506980ceb19da
SHA512

56f50a3c7c48f9f6f3818c75c5cf244ea81ec3318b72d476572766e45bde434308a1439405fdafb629d5d3036e8645dc0bc3fce5387b748ddebee78f82a2781b

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

5060 5004 WerFault.exe 952-223-0x0000000000400000-0x0000000000A0C000-memory.exe

C:\Users\Admin\AppData\Local\Temp\952-223-0x0000000000400000-0x0000000000A0C000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\952-223-0x0000000000400000-0x0000000000A0C000-memory.exe"
1⤵
PID:5004

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5004 -s 216
2⤵
- Program crash
PID:5060

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 5004 -ip 5004
1⤵
PID:3848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...