Overview

overview

3

Static

static

7afcd211a3...c0.exe

windows7-x64

3

7afcd211a3...c0.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    17s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2022, 10:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7afcd211a3e3b076a9defd063f8f8ef27a634374411f60c60230ed35c6f5fcc0.exe

  • Size

    224KB

  • MD5

    76c53ee05705aef1a7bbd1464bf19216

  • SHA1

    4914fda477c280f46d919787b00d62e56e1be2b0

  • SHA256

    7afcd211a3e3b076a9defd063f8f8ef27a634374411f60c60230ed35c6f5fcc0

  • SHA512

    784acee94f5232b12537993b29bb627f1b1cb2602529856095523ee290aefd8cabb45b0fc4fbd57f4aaa985cc53fb2d937cbafa2521fa3fb1c0b6b8d5d5d3d61

  • SSDEEP

    768:1DsJPHOF3W8nMIbk6KQVEs8rA7FYM9M6Ap9riiJ:1YJf83W8W60IL26Ap8iJ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7afcd211a3e3b076a9defd063f8f8ef27a634374411f60c60230ed35c6f5fcc0.exe
    "C:\Users\Admin\AppData\Local\Temp\7afcd211a3e3b076a9defd063f8f8ef27a634374411f60c60230ed35c6f5fcc0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1360
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1360 -s 148
      2⤵
      • Program crash
      PID:1784

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1360-54-0x0000000000400000-0x0000000000442000-memory.dmp

    Filesize

    264KB

    Download