4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a | Triage

Analysis

max time kernel
143s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
12-07-2022 12:02

Sharing

Report Analysis Logs

General

Target

4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a.exe
Size

325KB
MD5

28215a5ed45d61536d22322602407aeb
SHA1

d4db7b54acd5a8f2f7022f3f947ad79e0226801a
SHA256

4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a
SHA512

639ab48113f68f07e0573fcafac435aa5c41394572104a023f6c79ae33484a1b0c20765f7ffac2bf84e1ff715d0aacc08a927a24028d6863cdd0c31fad9896a5

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1324 3744 WerFault.exe 4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a.exe

C:\Users\Admin\AppData\Local\Temp\4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a.exe
"C:\Users\Admin\AppData\Local\Temp\4ace7b3da6d042f34d583d057abdb503f0f56f746801cbb0383da5efe8e3239a.exe"
1⤵
PID:3744
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3744 -s 528
  2⤵
  - Program crash
  PID:1324

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3744 -ip 3744
1⤵
PID:2692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3744-130-0x0000000002250000-0x000000000227F000-memory.dmp

Filesize
188KB

Download