d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342

Analysis

max time kernel
187s
max time network
233s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
25-11-2022 06:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe
Size

42KB
MD5

a12fe6384aebd2d815398d144ea4bdff
SHA1

d0136bd0add532642187e00f83ac0571b54ef155
SHA256

d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342
SHA512

db8c8ed15a019994c598f6bedf60e722101258e5e8751e0f5897f065b75c546f693ceae41089c3c82d1ec6d54d9e02bcf6a3ca0fda05d1bdb118c44ebd700ccc
SSDEEP

768:cEqB7NpOrQAlZvFEZMB1Vglq6KS7kqIC3UAvUW7RvSVytP1UP+bGwi4ki5OJK:cEqBaRZqln7bBE1QRveCPaPSG9zdK

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4404 2780 WerFault.exe d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe

pid	pid_target	process	target process
4404	2780	WerFault.exe	d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe

Enumerates system info in registry 2 TTPs 1 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Identifier	d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe

C:\Users\Admin\AppData\Local\Temp\d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe
"C:\Users\Admin\AppData\Local\Temp\d7f28bf286ba396c51b7e6138248615427c44e18d5fd8bb752484e88b4b2b342.exe"
1⤵
- Enumerates system info in registry
PID:2780

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2780 -s 296
2⤵
- Program crash
PID:4404

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 2780 -ip 2780
1⤵
PID:3544

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads