Analysis

  • max time kernel
    151s
  • max time network
    176s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23-11-2022 15:40

General

  • Target

    52076fa90d675f4ebc12ef5e7c0a897121c14304ad5c7dc2c590c44089ae78eb.exe

  • Size

    13KB

  • MD5

    4f9a97f124dc6092d5dff1ad9c23b9e6

  • SHA1

    c82d3cb072ef18eaae340f5da448669fbc5b297f

  • SHA256

    52076fa90d675f4ebc12ef5e7c0a897121c14304ad5c7dc2c590c44089ae78eb

  • SHA512

    f9b699c81fd5a8803972288c9ddb79e5a4644906d2f449702b1884aadb123c0312539baa6f5b0c36342a8eebe67babeb84fca6137544a81b2b45e1ebc4b95e42

  • SSDEEP

    192:ypGc1Zl2tVAfNxl1THs6xgzg1GqlRpeL7a6nQAzXghsHhJnS9woTBhRVAS:ypGJOxDTHfxXEBwhsBJnyVn

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\52076fa90d675f4ebc12ef5e7c0a897121c14304ad5c7dc2c590c44089ae78eb.exe
    "C:\Users\Admin\AppData\Local\Temp\52076fa90d675f4ebc12ef5e7c0a897121c14304ad5c7dc2c590c44089ae78eb.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4132
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4132 -s 288
      2⤵
      • Program crash
      PID:224
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4132 -s 288
      2⤵
      • Program crash
      PID:3964
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 4132 -ip 4132
    1⤵
      PID:2896

Network

MITRE ATT&CK Matrix

Downloads

  • memory/224-132-0x0000000000000000-mapping.dmp