Analysis
-
max time kernel
150s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system -
submitted
26-11-2022 12:17
Static task
static1
Behavioral task
behavioral1
Sample
6ba511dfc51a92080512e421935e6d6cdb0e6fe0f5799c3148e43d4d432ab667.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
6ba511dfc51a92080512e421935e6d6cdb0e6fe0f5799c3148e43d4d432ab667.exe
Resource
win10v2004-20220812-en
General
-
Target
6ba511dfc51a92080512e421935e6d6cdb0e6fe0f5799c3148e43d4d432ab667.exe
-
Size
313KB
-
MD5
1f27abc33206679625d3927ecbb3c987
-
SHA1
cbae79d10b9962e577416d962f57ba6d0a2c97e5
-
SHA256
6ba511dfc51a92080512e421935e6d6cdb0e6fe0f5799c3148e43d4d432ab667
-
SHA512
594790132df9cb47274538f4dc00f2490c308f5c3897fa1e926aab0ccea6c43e9a5b3f3b6865b84a8c384d7f4834c8e666b697742439fe908192419338192b78
-
SSDEEP
6144:TimqEZllzHsUh2m3zYwyGpwSNVrjl15RMVpyRyF5:TFJnlzHJB3byIhjRR25
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exe
pid 3904, pid_target 2592, process WerFault.exe, target process 6ba511dfc51a92080512e421935e6d6cdb0e6fe0f5799c3148e43d4d432ab667.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\6ba511dfc51a92080512e421935e6d6cdb0e6fe0f5799c3148e43d4d432ab667.exe
"C:\Users\Admin\AppData\Local\Temp\6ba511dfc51a92080512e421935e6d6cdb0e6fe0f5799c3148e43d4d432ab667.exe"
-
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2592 -s 448
- Program crash
-
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 2592 -ip 2592
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2592-132-0x0000000002060000-0x0000000002079000-memory.dmp
Filesize
100KB