Analysis

  • max time kernel
    86s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    03/10/2022, 13:19

General

  • Target

    df47b8d159bc461d26a7b4a74ac44d0c89206c4a67bad409ed248964156ed531.exe

  • Size

    188KB

  • MD5

    6127538303abba4ac3d9f5195ef01957

  • SHA1

    4dd9183d5342e8b1fed792f31c6de16a190f845d

  • SHA256

    df47b8d159bc461d26a7b4a74ac44d0c89206c4a67bad409ed248964156ed531

  • SHA512

    b3cc11db90b2ef78326395cd44caa6cb3a88fc8f93ad6fdfb53d120b0f1f693ccba7705e208c0e4e3fe6f1e58d4e2de119d503b522add21b6c24b272c239d109

  • SSDEEP

    3072:YDP8EwuW5uTbJqONqe+QSJCr2834mTLFMzF9hIW+zOe6eTMg/o40OPtttmFr:KwukuT9qIzutUcFnwOheTA40OPtttg

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\df47b8d159bc461d26a7b4a74ac44d0c89206c4a67bad409ed248964156ed531.exe
    "C:\Users\Admin\AppData\Local\Temp\df47b8d159bc461d26a7b4a74ac44d0c89206c4a67bad409ed248964156ed531.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:844
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 844 -s 468
      2⤵
      • Program crash
      PID:3916
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 844 -ip 844
    1⤵
      PID:4224

    Network

          MITRE ATT&CK Matrix
