596dc0adc4865dc96be7c1f8950d3d34348337e85146df0df4cd98d2f527015f | Triage

Analysis

max time kernel
60s
max time network
79s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
24-07-2022 03:58

Sharing

Report Analysis Logs

General

Target

596dc0adc4865dc96be7c1f8950d3d34348337e85146df0df4cd98d2f527015f.exe
Size

691KB
MD5

560c9dcf5ba659df8ea53859dd0abffe
SHA1

4cbcba149ddd94cdcd07b7a2f5a71df5e1b6530b
SHA256

596dc0adc4865dc96be7c1f8950d3d34348337e85146df0df4cd98d2f527015f
SHA512

a3d0ca2fd7c3f0dc5301aaf5ef22212d54c2a23790152ab3c31d2710569213352e91a7345f4bc47a084ecc5095e0474ba9a7be410adce898da33c2f43cf8a3d3

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4716 3528 WerFault.exe 596dc0adc4865dc96be7c1f8950d3d34348337e85146df0df4cd98d2f527015f.exe

C:\Users\Admin\AppData\Local\Temp\596dc0adc4865dc96be7c1f8950d3d34348337e85146df0df4cd98d2f527015f.exe
"C:\Users\Admin\AppData\Local\Temp\596dc0adc4865dc96be7c1f8950d3d34348337e85146df0df4cd98d2f527015f.exe"
1⤵
PID:3528

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3528 -s 276
2⤵
- Program crash
PID:4716

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3528 -ip 3528
1⤵
PID:4672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3528-130-0x00000000022D0000-0x0000000002364000-memory.dmp

Filesize
592KB

Download