Analysis
-
max time kernel
152s -
max time network
191s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
02/10/2022, 03:57
General
-
Target
ed783759ca2f2c6ed49c54e96c3c25193f7e967c6ac46d7595527ebfc4750434.exe
-
Size
108KB
-
MD5
7d1796ab6ac49c558909d0dadb95e130
-
SHA1
ab2660ef9771524b1021543b69dfcc35cbe71ba0
-
SHA256
ed783759ca2f2c6ed49c54e96c3c25193f7e967c6ac46d7595527ebfc4750434
-
SHA512
ef564febdf177bb69d40c2a13b2dbc7cfd7f975298d43a1188179dc1db76cf0de7e5157ff46ff3b7a0688c2d097115405622e134635b2ff99150c7a28a4cdbf3
-
SSDEEP
1536:Lk1PCXf3l9izMfUBRq/YxiLvxnjXIRXMMGBkyJMjZROYJT3bQghxHCZFNbXIDQgv:Lnf3wRqQxKvxnsRcaCZbXID1C
Score
3/10
Malware Config
Signatures
-
Program crash 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\ed783759ca2f2c6ed49c54e96c3c25193f7e967c6ac46d7595527ebfc4750434.exe"C:\Users\Admin\AppData\Local\Temp\ed783759ca2f2c6ed49c54e96c3c25193f7e967c6ac46d7595527ebfc4750434.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4052 -s 2962⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4052 -s 2962⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 4052 -ip 40521⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
120KB
-
Filesize
120KB