Analysis
-
max time kernel
43s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system -
submitted
25-08-2022 10:46
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
windows7-x64
2 signatures
150 seconds
General
-
Target
file.exe
-
Size
3.5MB
-
MD5
b89f19722b9314be39b045c6f86315e6
-
SHA1
ae44eccd47ac5e60ae32c201a09f4c79eb7ed688
-
SHA256
ab0e35830bdaf3502d037d059b50f1e10c8283f5300565d6fb311d0827ac6ae8
-
SHA512
92ad1fc392282dbd84799db94d068ad72edb0fef71ae9a49965bff61d93badcac4234458e90ceec65afb867d1ceafea0447091eae284d605b544086667974019
-
SSDEEP
3072:mo/4QDwwMDrOIOTV5wGvySOEIEVpIhkEJ/mJNlV/f76ebIvq57vJyBvlBD9YEnH2:CFCmq1UEw1+
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 1296 2016 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 2016 wrote to memory of 1296 2016 file.exe WerFault.exe PID 2016 wrote to memory of 1296 2016 file.exe WerFault.exe PID 2016 wrote to memory of 1296 2016 file.exe WerFault.exe PID 2016 wrote to memory of 1296 2016 file.exe WerFault.exe