Analysis

  • max time kernel
    173s
  • max time network
    181s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02-10-2022 13:22

General

  • Target

    613fb5895c720f6dd11f83b516d365c433e14038c7b9d89b7a2c81f80f0bdba9.exe

  • Size

    72KB

  • MD5

    711fcceefbd2eab0506cee2687b9969b

  • SHA1

    236cf9e0f7f0ab6de101062d7e4c8845eec29c31

  • SHA256

    613fb5895c720f6dd11f83b516d365c433e14038c7b9d89b7a2c81f80f0bdba9

  • SHA512

    4430452203780c473f8c3cf12bfa59d393ebf2bd8c974590edc73a91eed95ec71ed3e5ab02b165ebc68e5d858a65630343278bbb951d893acd4807a28766bdb8

  • SSDEEP

    1536:INHmUtIyVaQkNCG5ANa20eeAsUJ9w2HwhMb+KR0Nc8QsJq39:OHdIyA4cSrJ+2Hwhe0Nc8QsC9

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory (1 IoC)
  • Program crash (1 IoC)

Processes

  • C:\Users\Admin\AppData\Local\Temp\613fb5895c720f6dd11f83b516d365c433e14038c7b9d89b7a2c81f80f0bdba9.exe
    "C:\Users\Admin\AppData\Local\Temp\613fb5895c720f6dd11f83b516d365c433e14038c7b9d89b7a2c81f80f0bdba9.exe"
    1⤵
    • Drops file in System32 directory
    PID:4308
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4308 -s 456
      2⤵
      • Program crash
      PID:4940
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4308 -ip 4308
    1⤵
      PID:4888

    Network

    MITRE ATT&CK Matrix
