Analysis
-
max time kernel
39s -
max time network
43s -
platform
windows7_x64 -
resource
win7-20220715-en -
resource tags
arch:x64arch:x86image:win7-20220715-enlocale:en-usos:windows7-x64system -
submitted
05-08-2022 07:06
Static task
static1
Behavioral task
behavioral1
Sample
TRANSFER.exe
Resource
win7-20220715-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
TRANSFER.exe
Resource
win10v2004-20220722-en
windows10-2004-x64
8 signatures
150 seconds
General
-
Target
TRANSFER.exe
-
Size
1.4MB
-
MD5
6153ed96a83ceea98dbae09e7b77fcf6
-
SHA1
7f9a6ce71969ef0eb7deeafed635a127f23e37a8
-
SHA256
08b3772f35997a0eb0894e7e58b4a324324de6121f557976909bdaa31a2c883e
-
SHA512
189317086da1cad38db31b7a791a3a9c34dd551245e1ff4f74563429b17a33485e8ce5fff48e0cfef09d1034b2c7a953dfeeed75636d61ddaf110137a298a701
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 112 1164 WerFault.exe TRANSFER.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
TRANSFER.exedescription pid process target process PID 1164 wrote to memory of 112 1164 TRANSFER.exe WerFault.exe PID 1164 wrote to memory of 112 1164 TRANSFER.exe WerFault.exe PID 1164 wrote to memory of 112 1164 TRANSFER.exe WerFault.exe PID 1164 wrote to memory of 112 1164 TRANSFER.exe WerFault.exe