Analysis
-
max time kernel
141s -
max time network
160s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
08-07-2022 05:18
General
-
Target
41943e66355d19b291f5ea87a2284cab0a7f32cc05f42efb936216859e52756f.exe
-
Size
321KB
-
MD5
81219362437edad064425e27bf2a1305
-
SHA1
116ae773fbdf2b4abebecd8331b790c9b17860fe
-
SHA256
41943e66355d19b291f5ea87a2284cab0a7f32cc05f42efb936216859e52756f
-
SHA512
90105e1d6f49e9ff20c2b6fdb185a17d18c018c96d260d81eaff6db6e5e3d19af55e34408fa088a8c5dced9c6b8abd9517292fe49583d065017b78b55ba63494
Score
10/10
Malware Config
Signatures
-
GandCrab payload 2 IoCs
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\41943e66355d19b291f5ea87a2284cab0a7f32cc05f42efb936216859e52756f.exe"C:\Users\Admin\AppData\Local\Temp\41943e66355d19b291f5ea87a2284cab0a7f32cc05f42efb936216859e52756f.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2284 -s 4762⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 2284 -ip 22841⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2284-130-0x0000000000400000-0x0000000000BB7000-memory.dmpFilesize
7.7MB
-
memory/2284-131-0x0000000000DAC000-0x0000000000DC7000-memory.dmpFilesize
108KB
-
memory/2284-133-0x0000000000D70000-0x0000000000D87000-memory.dmpFilesize
92KB
-
memory/2284-134-0x0000000000DAC000-0x0000000000DC7000-memory.dmpFilesize
108KB