407e85364f6d65a0209d70b7152a5fcfa0d96f0fad390ed94dc77b9874b2b8c9 | Triage

Analysis

max time kernel
90s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
08-07-2022 16:44

Sharing

Report Analysis Logs

General

Target

407e85364f6d65a0209d70b7152a5fcfa0d96f0fad390ed94dc77b9874b2b8c9.exe
Size

240KB
MD5

6eef94ab0233130b8477c01eaa7f957f
SHA1

3e60938d00fe5e9fd2f4bff244b6eff2bbac9279
SHA256

407e85364f6d65a0209d70b7152a5fcfa0d96f0fad390ed94dc77b9874b2b8c9
SHA512

d8870646eb1b0339b40cf5341b0c2f3efb7adb7166d6e8eb7bfbcfa4a99ed38c570e54277e52f4f7d0a5e688fa5f241224cc794a927e42f51c39aacd75a12c02

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid	pid_target	Process	procid_target
2428	4776	WerFault.exe	79

C:\Users\Admin\AppData\Local\Temp\407e85364f6d65a0209d70b7152a5fcfa0d96f0fad390ed94dc77b9874b2b8c9.exe
"C:\Users\Admin\AppData\Local\Temp\407e85364f6d65a0209d70b7152a5fcfa0d96f0fad390ed94dc77b9874b2b8c9.exe"
1⤵
PID:4776
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4776 -s 516
  2⤵
  - Program crash
  PID:2428

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 4776 -ip 4776
1⤵
PID:1416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4776-130-0x0000000002270000-0x000000000229E000-memory.dmp

Filesize
184KB

Download