Overview

overview

3

Static

static

8c738ad440...01.exe

windows7-x64

3

8c738ad440...01.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    53s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 11:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8c738ad440a6f3a7801e07dcb3e32fcf1b5522780aa30a87022f91824248a701.exe

  • Size

    106KB

  • MD5

    5d128092023f6902d83617a26cd71824

  • SHA1

    62bf38149e8bdac87d0df549bd7301b8b8059e97

  • SHA256

    8c738ad440a6f3a7801e07dcb3e32fcf1b5522780aa30a87022f91824248a701

  • SHA512

    4793467eb58f536ed2d6b119e8645b35727d6e321913ec424655c9ded1fa357f2217e65f634de0b3e7937d5b1b0d80770a451f3969a3178a4cb80c993f32df06

  • SSDEEP

    1536:DE55rlIuR68+md3RiyuSS8yRc2y9pvTQGoM+PpSX5ghmFM2tyj:DE3lFR6dgRi2Voc39uiX55bc

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8c738ad440a6f3a7801e07dcb3e32fcf1b5522780aa30a87022f91824248a701.exe
    "C:\Users\Admin\AppData\Local\Temp\8c738ad440a6f3a7801e07dcb3e32fcf1b5522780aa30a87022f91824248a701.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1176
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1176 -s 44
      2⤵
      • Program crash
      PID:576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/576-55-0x0000000000000000-mapping.dmp
    Download
  • memory/1176-54-0x0000000000400000-0x000000000041D000-memory.dmp
    Filesize

    116KB

    Download