Analysis
-
max time kernel
24s -
max time network
29s -
platform
windows10-2004_x64 -
resource
win10v2004-20220722-en -
resource tags
arch:x64arch:x86image:win10v2004-20220722-enlocale:en-usos:windows10-2004-x64system -
submitted
25-07-2022 06:03
Static task
static1
Behavioral task
behavioral1
Sample
560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe
Resource
win7-20220718-en
windows7-x64
9 signatures
150 seconds
Behavioral task
behavioral2
Sample
560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe
Resource
win10v2004-20220722-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe
-
Size
1.0MB
-
MD5
5f38a507e3ed7b9a5f7131c482adf410
-
SHA1
47a5ec01a5aaee35f443a01dc39b572a3a8bd9a4
-
SHA256
560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442
-
SHA512
d95ae2c285e803fc97d8bdf094867cdd7db91bcb80ac0248c79ff4e201b662b3b643196f118b78a1b93a841ce25c86bba8cd14bf08a1559980891de7f7d5a1a0
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 3884 4828 WerFault.exe 560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exepid process 4828 560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe"C:\Users\Admin\AppData\Local\Temp\560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe"1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 2402⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 4828 -ip 48281⤵