Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02-09-2022 05:48

General

  • Target

    tmp.exe

  • Size

    72KB

  • MD5

    30cb0fb2a04d96504f2236318b7edf94

  • SHA1

    91ed688ae38df9b0e8efb0e11454cd8a5232cad0

  • SHA256

    56be1ccabbac51b5ab74a9bedaca4b9c5b4c88d3cc6c7b77fcbbd11ce39fedb4

  • SHA512

    cf26ff72e323883a1ab35829c7dc91c436f3d38380f7980ba4a7d6457da53b0dc3eafe9fbd08e1aa966db70928d7d37b49c2a035ffb5cb7665827cc187d4cbdc

  • SSDEEP

    1536:ISo2eDHlaejozMe0Uv9RWUitUJZGMb+KR0Nc8QsJq39:jsFaejoLdlsRtIZGe0Nc8QsC9

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
      PID:824
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 824 -s 260
        2⤵
        • Program crash
        PID:1716
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 824 -s 300
        2⤵
        • Program crash
        PID:5064
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 824 -ip 824
      1⤵
        PID:1504
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 824 -ip 824
        1⤵
          PID:4168

        Network

        MITRE ATT&CK Matrix
