Analysis

  • max time kernel
    24s
  • max time network
    29s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220722-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220722-en locale:en-us os:windows10-2004-x64 system
  • submitted
    25-07-2022 06:03

General

  • Target

    560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe

  • Size

    1.0MB

  • MD5

    5f38a507e3ed7b9a5f7131c482adf410

  • SHA1

    47a5ec01a5aaee35f443a01dc39b572a3a8bd9a4

  • SHA256

    560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442

  • SHA512

    d95ae2c285e803fc97d8bdf094867cdd7db91bcb80ac0248c79ff4e201b662b3b643196f118b78a1b93a841ce25c86bba8cd14bf08a1559980891de7f7d5a1a0

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe
    "C:\Users\Admin\AppData\Local\Temp\560a9814fd1f985da446ccb6779503a719e98460134e6adc06452c67e8384442.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4828
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 240
      2⤵
      • Program crash
      PID:3884
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 4828 -ip 4828
    1⤵
      PID:5016

    Network

    MITRE ATT&CK Matrix
