Analysis
-
max time kernel
91s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
12/10/2022, 18:01
General
-
Target
f8a67ed65a3a236b8fb04745633eb8ea5475eef63e5d91244ebaaf148915431e.exe
-
Size
82KB
-
MD5
6f7405f6c6506bd41d3ce76944011e47
-
SHA1
5ef2111ade0a6388fbe4d9aeaa08fcf6413bc609
-
SHA256
f8a67ed65a3a236b8fb04745633eb8ea5475eef63e5d91244ebaaf148915431e
-
SHA512
ad4ee89d4cb738b62025f9113e76c8ac05b46e72311a597c55189ccd53943d8b5d80c1df4ea05be75cb3d0b0f60f47b06813c33ad3033caa9007409e518e290d
-
SSDEEP
1536:r9m+0VFZaYJQbRuzK75m8sVwWj9eccMRn4fFA0Mj0Olc8tt+rP9U1PEWgL:r7GZaYwRL75ZsVdhtrRw5c096O4
Score
8/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Program crash 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f8a67ed65a3a236b8fb04745633eb8ea5475eef63e5d91244ebaaf148915431e.exe"C:\Users\Admin\AppData\Local\Temp\f8a67ed65a3a236b8fb04745633eb8ea5475eef63e5d91244ebaaf148915431e.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4824 -s 6442⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 4824 -ip 48241⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
208KB
-
Filesize
92KB
-
Filesize
208KB
-
Filesize
92KB