Overview

overview

10

Static

static

7d45ce9597...84.exe

windows7-x64

10

7d45ce9597...84.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    298s
  • max time network
    310s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 13:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84.exe

  • Size

    58KB

  • MD5

    c937085ab627d4a88dc87cd4e9a7c916

  • SHA1

    4f29316905c894b1042d3826a3a65acce931d0ba

  • SHA256

    7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84

  • SHA512

    60f06ddc21a3478911480fc6df0e6116200ef0133b19419c1f7efce45d566f21c21a1a429154528954f13fed7fb8466d32bd9547a66f4c7bb2a27cd82b4cd827

  • SSDEEP

    768:C9id8zWWIJ5xJn98+DqljcqvNBe0s5IAnXxujpjIOjF7jXHx:C9PqWIJl98+DqlFNI0whXxujRIUF

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84.exe
    "C:\Users\Admin\AppData\Local\Temp\7d45ce95974a4862c0a7bb6e5b0b1744452d627c6ca75f5ea77c2e8e46c82d84.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3056
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3056 -s 552
      2⤵
      • Program crash
      PID:4328
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3056 -s 552
      2⤵
      • Program crash
      PID:4716
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 3056 -ip 3056
    1⤵
      PID:5032

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4328-132-0x0000000000000000-mapping.dmp

      Download