Analysis
max time kernel: 95s
max time network: 30s
platform: windows7_x64
resource: win7-20221111-en
resource tags: arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
submitted: 23-11-2022 15:31
Static task
static1
Behavioral task
behavioral1
Sample
5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe
Resource
win10v2004-20221111-en
General
Target: 5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe
Size: 148KB
MD5: 37627448513abd86310e961c3356c87c
SHA1: e900060e077e13b806452485275cdd85bc6ea495
SHA256: 5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4
SHA512: eb4df7be6dcec7f91e99a2bf6ab7534b4960651d59f45427bce5a19e28506ee143e8f558034bc087bb3eeef8d849b872094e3538bf6a324159e25e9cd719d6da
SSDEEP: 3072:kgRceJcD/eK6V4YCfo5updOaE8LzbmM95eOBu1z:dRjJcD/eK6DCg2OzKbBbeOBy
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exe
pid: 520, pid_target: 1164, process: WerFault.exe, target process: 5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe
Suspicious behavior: RenamesItself 1 IoCs
Processes:
5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe
pid: 1164, process: 5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe
"C:\Users\Admin\AppData\Local\Temp\5a270a41b035ebf1b90e85840e7ca0e4fbf706bafd44fa5882805b1a21e1d9a4.exe"
- Suspicious behavior: RenamesItself
-
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1164 -s 220
- Program crash
Network
MITRE ATT&CK Matrix
Downloads
-
memory/1164-54-0x0000000076931000-0x0000000076933000-memory.dmp
Filesize: 8KB