Overview

overview

8

Static

static

457e574c61...65.exe

windows7-x64

8

457e574c61...65.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    153s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/11/2022, 00:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    457e574c618ce574e4da279a4b6532cebed956ee0a430f6f48b60e9aef971565.exe

  • Size

    372KB

  • MD5

    0669e20bc2b7413d6922703062e062c3

  • SHA1

    91d27f75ddfd7b245b6c09f2ecaab8c5ab7e4a11

  • SHA256

    457e574c618ce574e4da279a4b6532cebed956ee0a430f6f48b60e9aef971565

  • SHA512

    a1c46657e77cd489f9c90672cbb33394066ec54735cb3ca203d4b1e1e1a4aba2177e5d886d1031b8367c674a2f03b0243038ef6f5c607d24f38a94094bda7b38

  • SSDEEP

    6144:pl+Cd34MXtksceFm9aqFKT6Gb8iz/DCaiCJPoel9WenNaH+VJ91sXgpEVGP:K/qksceSYjv+alPoel9/04eAP

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 13 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\457e574c618ce574e4da279a4b6532cebed956ee0a430f6f48b60e9aef971565.exe
    "C:\Users\Admin\AppData\Local\Temp\457e574c618ce574e4da279a4b6532cebed956ee0a430f6f48b60e9aef971565.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1664
    • C:\Users\Admin\AppData\Local\Temp\457e574c618ce574e4da279a4b6532cebed956ee0a430f6f48b60e9aef971565.exe
      C:\Users\Admin\AppData\Local\Temp\457e574c618ce574e4da279a4b6532cebed956ee0a430f6f48b60e9aef971565.exe
      2⤵
        PID:2184
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 2184 -s 504
          3⤵
          • Program crash
          PID:2608
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 2184 -ip 2184
      1⤵
        PID:220

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1664-132-0x0000000000400000-0x000000000046C000-memory.dmp

        Filesize

        432KB

        Download

      • memory/1664-133-0x0000000000400000-0x000000000046C000-memory.dmp

        Filesize

        432KB

        Download

      • memory/1664-134-0x0000000000401000-0x0000000000407000-memory.dmp

        Filesize

        24KB

        Download

      • memory/1664-135-0x0000000000400000-0x000000000046C000-memory.dmp

        Filesize

        432KB

        Download

      • memory/1664-142-0x0000000000400000-0x000000000046C000-memory.dmp

        Filesize

        432KB

        Download

      • memory/1664-138-0x0000000000400000-0x000000000046C000-memory.dmp

        Filesize

        432KB

        Download

      • memory/2184-140-0x0000000000400000-0x000000000044C000-memory.dmp

        Filesize

        304KB

        Download

      • memory/2184-141-0x0000000000400000-0x000000000044C000-memory.dmp

        Filesize

        304KB

        Download

      • memory/2184-143-0x0000000000400000-0x000000000044C000-memory.dmp

        Filesize

        304KB

        Download

      • memory/2184-144-0x0000000000400000-0x000000000044C000-memory.dmp

        Filesize

        304KB

        Download

      • memory/2184-145-0x0000000000400000-0x000000000044C000-memory.dmp

        Filesize

        304KB

        Download

      • memory/2184-146-0x0000000000400000-0x000000000044C000-memory.dmp

        Filesize

        304KB

        Download