Analysis
-
max time kernel
42s -
max time network
45s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system -
submitted
01-11-2022 15:23
Behavioral task
behavioral1
Sample
oos.exe
Resource
win7-20220812-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
oos.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
oos.exe
-
Size
504KB
-
MD5
af1e6840f7351cf6ade207de11a9983f
-
SHA1
dbc4f725029b7243c4297f668a1ad3b9dfdecd4d
-
SHA256
e71eba9f1a6afd930acf53b8aac467f256735ec0a52011934d9a5da38555ce61
-
SHA512
b4d4b46a7211f8032f5e8871218445046334024b3dc40b8ac7d0ff056aefe3f46dd0c602e003d3b71024d85a6f5e1004e3b604f8ddb0283e407e352905f7db27
-
SSDEEP
6144:E/Ya3uK4MW5sl80PF2hV/4puXyjSJ5DwFiyycdFXErWlsAOZZgjXAcjgXy6N:E/YaejslPd2f/4njSJJwLZ5sfZgwrN
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 1456 1212 WerFault.exe oos.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
oos.exedescription pid process target process PID 1212 wrote to memory of 1456 1212 oos.exe WerFault.exe PID 1212 wrote to memory of 1456 1212 oos.exe WerFault.exe PID 1212 wrote to memory of 1456 1212 oos.exe WerFault.exe PID 1212 wrote to memory of 1456 1212 oos.exe WerFault.exe