751054dc8e27fb457477faf461f5a5533faf29e8b3e4435fc600d282022565ad | Triage

Analysis

max time kernel
77s
max time network
129s
platform
windows10-2004_x64
resource
win10v2004-20220721-en
resource tags

arch:x64arch:x86image:win10v2004-20220721-enlocale:en-usos:windows10-2004-x64system
submitted
31-07-2022 07:19

Sharing

Report Analysis Logs

General

Target

751054dc8e27fb457477faf461f5a5533faf29e8b3e4435fc600d282022565ad.exe
Size

556KB
MD5

601765f77a236dac4f96d5508b32704e
SHA1

b668b3cf554275d41a0197b896d5e15b253f643e
SHA256

751054dc8e27fb457477faf461f5a5533faf29e8b3e4435fc600d282022565ad
SHA512

608342841beaddcaf978e1762c61048906bbf9985b416a8812984bbdd2beff3cfcb3739675516eb2da3814ddb37d48860d2e5d037073dcca12fcbadbfa4818c3

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

808 5016 WerFault.exe 751054dc8e27fb457477faf461f5a5533faf29e8b3e4435fc600d282022565ad.exe

C:\Users\Admin\AppData\Local\Temp\751054dc8e27fb457477faf461f5a5533faf29e8b3e4435fc600d282022565ad.exe
"C:\Users\Admin\AppData\Local\Temp\751054dc8e27fb457477faf461f5a5533faf29e8b3e4435fc600d282022565ad.exe"
1⤵
PID:5016

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5016 -s 488
2⤵
- Program crash
PID:808

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 5016 -ip 5016
1⤵
PID:3672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...