Analysis

  • max time kernel
    40s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    23-11-2022 21:14

General

  • Target

    e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6.exe

  • Size

    902KB

  • MD5

    4c1d2266f813a4c181e42302698dab20

  • SHA1

    c2c058aaf814478520f7b89ddc1e44d15ae19847

  • SHA256

    e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6

  • SHA512

    98e612a4376a32af2e5dbfab652cc027f41142a5261959926f4118080f1121b70b5892b69c3a0da3ff3151df7986b21e6aff5712d4642360a33626d0bee70577

  • SSDEEP

    12288:tflmx9S5j5n8u3SE+JlLOJVK7UEaM5SO4zg4vPcHOps:ttZ3UJROJV7RFfcHOps

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6.exe
    "C:\Users\Admin\AppData\Local\Temp\e877a8dc2909b397dffd106228fcc390e573be03c4f2c8f0d13cd42c022af3e6.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1916
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1916 -s 164
      2⤵
      • Program crash
      PID:1072

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1072-55-0x0000000000000000-mapping.dmp
  • memory/1916-54-0x0000000075A81000-0x0000000075A83000-memory.dmp
    Filesize

    8KB

  • memory/1916-56-0x0000000000400000-0x00000000004E8000-memory.dmp
    Filesize

    928KB