Analysis

  • max time kernel
    91s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags
    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    08-11-2022 15:00

General

  • Target

    febace4191306b2b6cae04a1fd81b4fdcb9c8f454780875c4dcf83472cb092aa.exe

  • Size

    201KB

  • MD5

    0329549af7ca2ed4c79d2bcf8b724e61

  • SHA1

    141b9750d8522b14312d2bc0b4259ebbf603c335

  • SHA256

    febace4191306b2b6cae04a1fd81b4fdcb9c8f454780875c4dcf83472cb092aa

  • SHA512

    d4e1907dd1f2ab2905a64e6b8d85fc259897dd5ea691eaa3c4488b10045d8e0cf877ddc10da29d9a0b372b93c30f49c736e81270a706f062a96cb10263802512

  • SSDEEP

    6144:Hza2Nj+MLxwkcWTq/81DDiSTz9nqEja3TXU0xtFp:HqEjk7l7Fp

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\febace4191306b2b6cae04a1fd81b4fdcb9c8f454780875c4dcf83472cb092aa.exe
    "C:\Users\Admin\AppData\Local\Temp\febace4191306b2b6cae04a1fd81b4fdcb9c8f454780875c4dcf83472cb092aa.exe"
    • Suspicious use of SetWindowsHookEx
    PID:4216
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4216 -s 464
      • Program crash
      PID:4996
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4216 -ip 4216
    PID:3536

Network

MITRE ATT&CK Matrix