Analysis

  • max time kernel
    91s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    17-08-2022 16:00

General

  • Target

    400000.PTTEM CONTRACTS LK-39874672320.pdf.exe

  • Size

    440KB

  • MD5

    a3233dbeaea1f113696d9cfad791100e

  • SHA1

    40b021c6ed88ef4ff3dd01bb0ae86606d54db86c

  • SHA256

    a0197278df66a0d861937f0228b4d8ef6d7c90a4a23bcf60452260f9a50ad5cf

  • SHA512

    55014633cb161e468b7551ed9d7e09c2d969a3a155484daff2a604d0af4e310096f1226cffb1a1455661b29d4ba80db71cdb078f1c5e73eed543afcbbdbb687a

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\400000.PTTEM CONTRACTS LK-39874672320.pdf.exe
    "C:\Users\Admin\AppData\Local\Temp\400000.PTTEM CONTRACTS LK-39874672320.pdf.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1344
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1344 -s 464
      2⤵
      • Program crash
      PID:3484
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 1344 -ip 1344
    1⤵
      PID:4920

Network

MITRE ATT&CK Matrix
