Overview

overview

10

Static

static

10

892-201-0x...ry.exe

windows7-x64

1

892-201-0x...ry.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/09/2022, 00:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    892-201-0x0000000000550000-0x0000000000562000-memory.exe

  • Size

    72KB

  • MD5

    37abceea6769dbc8d2ecfbb6649b9afd

  • SHA1

    2d1a33a6fbbd908bda8a7b184317673790cc879f

  • SHA256

    6e33eba5de49b969d3528737ba879fdddb89f42057b096f2c25b694fbf89a00c

  • SHA512

    4da21382e661b1613f51df851dadd86c979666741cc09a7a510c97e7cb9c9f4bff6431e568808c02d3a8489019a4fa45c22e695a086e8ee794745c5fb94bf449

  • SSDEEP

    1536:mYMEYOCI2l796QXJD5SgQpXWCdoZK4hEnXLTu4kO3U8zxJmIqIdYfN8U:mlEYOCI2b6QXJD5Svp9OhEXL7kOk8zxJ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\892-201-0x0000000000550000-0x0000000000562000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\892-201-0x0000000000550000-0x0000000000562000-memory.exe"
    1⤵
      PID:4896
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4896 -s 192
        2⤵
        • Program crash
        PID:3308
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 208 -p 4896 -ip 4896
      1⤵
        PID:4364

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads