Overview

overview

8

Static

static

c410095f95...41.exe

windows7-x64

3

c410095f95...41.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    44s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 11:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c410095f95ea561c1f46998951e1d4c37204305ab0dcfd73211f8fd245deb041.exe

  • Size

    56KB

  • MD5

    949a9fb661827addd9449d4502a1a416

  • SHA1

    11fcd28e9e4c799ad7d166da5f4bc2e403458082

  • SHA256

    c410095f95ea561c1f46998951e1d4c37204305ab0dcfd73211f8fd245deb041

  • SHA512

    cbca50c5ebac9ad0564aa8c6e63136ddb9aa7c3f94b434c6b66c0e5d48d7d01fd2cbccc8e74329a09c032c1f26332edb74885d0903d27c3c45d28f7a25e8adb9

  • SSDEEP

    1536:GdNwMTZI0eoYP1Q7kCHdnPWtO2pYc7EPih:iNwMTJejC73nPWtOiY8Cih

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c410095f95ea561c1f46998951e1d4c37204305ab0dcfd73211f8fd245deb041.exe
    "C:\Users\Admin\AppData\Local\Temp\c410095f95ea561c1f46998951e1d4c37204305ab0dcfd73211f8fd245deb041.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1492
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1492 -s 36
      2⤵
      • Program crash
      PID:1124

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1124-54-0x0000000000000000-mapping.dmp
    Download