Analysis

  • max time kernel
    41s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    30-10-2022 14:50

General

  • Target

    43943c812315466dbbe41d15ae86c76b54fd6b14aaef69c8af9a19ea859d1a85.exe

  • Size

    34KB

  • MD5

    a2b1c5aa781ed5d0aebb137a3843f499

  • SHA1

    dbedf337eccf87cb77691054f0e3f40e9ee38e58

  • SHA256

    43943c812315466dbbe41d15ae86c76b54fd6b14aaef69c8af9a19ea859d1a85

  • SHA512

    a16f24ec46879bb60f916c6bb900f79a6af74a3393dd250d72718b3f21e34a92cad1d68cc14f9269458acb895e470a09da0808a84703de126ba86b4cfa19d36d

  • SSDEEP

    768:iHHIQcqX65aCzJSmohk1efuKvj4vELgsA35pP+Zpz19mJvdpbzWn:iHoTuCSmohBlvcvbsA3bPqpzEzWn

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\43943c812315466dbbe41d15ae86c76b54fd6b14aaef69c8af9a19ea859d1a85.exe
    "C:\Users\Admin\AppData\Local\Temp\43943c812315466dbbe41d15ae86c76b54fd6b14aaef69c8af9a19ea859d1a85.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1808
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1808 -s 36
      2⤵
      • Program crash
      PID:1988

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1808-55-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

  • memory/1988-54-0x0000000000000000-mapping.dmp