Overview

overview

8

Static

static

455f6e6ba6...da.exe

windows7-x64

8

455f6e6ba6...da.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    149s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-11-2022 16:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    455f6e6ba667ed68d72ef3f77a09b033e1d34c1af7d16dc120d080e9c0c62eda.exe

  • Size

    341KB

  • MD5

    d3aed86aff91840def6af292030521db

  • SHA1

    373e2c08dd2e06549ab51ae178dddbbae3d446db

  • SHA256

    455f6e6ba667ed68d72ef3f77a09b033e1d34c1af7d16dc120d080e9c0c62eda

  • SHA512

    3dd541d2c2c8bae3754a360530eb1f5e25cf530199e719e045aeaa4a963b140c988b227289f25b258bae17ab05dcd09c0217cf16262c9f0937670d62e0cf8bdc

  • SSDEEP

    6144:v2AVHBPYuisP5NNYZ8Rls7QOJpdAfELzwXQTsC28PAjP+WM/H2RkI:L5vYC0zJpdCEepD+WMfsd

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\455f6e6ba667ed68d72ef3f77a09b033e1d34c1af7d16dc120d080e9c0c62eda.exe
    "C:\Users\Admin\AppData\Local\Temp\455f6e6ba667ed68d72ef3f77a09b033e1d34c1af7d16dc120d080e9c0c62eda.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:3388
    • C:\Users\Admin\AppData\Local\Temp\455f6e6ba667ed68d72ef3f77a09b033e1d34c1af7d16dc120d080e9c0c62eda.exe
      "C:\Users\Admin\AppData\Local\Temp\455f6e6ba667ed68d72ef3f77a09b033e1d34c1af7d16dc120d080e9c0c62eda.exe"
      2⤵
        PID:2312
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3388 -s 304
        2⤵
        • Program crash
        PID:2548
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3388 -ip 3388
      1⤵
        PID:216

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2312-133-0x0000000000000000-mapping.dmp

        Download

      • memory/2312-134-0x0000000000400000-0x0000000000444000-memory.dmp

        Filesize

        272KB

        Download

      • memory/2312-136-0x0000000000400000-0x0000000000444000-memory.dmp

        Filesize

        272KB

        Download

      • memory/3388-132-0x0000000000400000-0x000000000045A000-memory.dmp

        Filesize

        360KB

        Download

      • memory/3388-137-0x0000000000400000-0x000000000045A000-memory.dmp

        Filesize

        360KB

        Download