Analysis

  • max time kernel
    91s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    23-11-2022 18:52

General

  • Target

    43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe

  • Size

    255KB

  • MD5

    3eaf20bf47494023db88ee9da1437ed8

  • SHA1

    aec1d17b46a0b5c328ef39404e8521a203d3c555

  • SHA256

    43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3

  • SHA512

    11cd53fd3c46e428d1a10ad2fd474139afd1e8817396d8fc1bb964d0de6e1e5beb8c906a01eefcde42aa96c8b24f3c13a59bb5dcf02c05a300c4b050b1c2bd83

  • SSDEEP

    6144:AHP7/GdouNeZrrfWYLCut9VAFkBtPKldzPYKLGJbdtDuG4:AHbG6uElreYLCuzEkXKldDNL4Bt14

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe
    "C:\Users\Admin\AppData\Local\Temp\43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe"
    1⤵
      PID:1616
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1616 -s 456
        2⤵
        • Program crash
        PID:4768
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1616 -ip 1616
      1⤵
        PID:4812

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1616-132-0x0000000001000000-0x000000000106A000-memory.dmp

    Filesize

    424KB