Overview

overview

10

Static

static

10

3500-138-0...ry.exe

windows7-x64

3

3500-138-0...ry.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    167s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-11-2022 09:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3500-138-0x0000000010410000-0x000000001043F000-memory.exe

  • Size

    188KB

  • MD5

    a62e014d4032e0a1ab91d902446474c3

  • SHA1

    f53f8f0bbb465235bec7254de72b1a3d6b6abd9b

  • SHA256

    52cbe6f477cbd3724063b00ad2d8670a81b14b2f205ba54c9919e8ba859c47f7

  • SHA512

    67f7c0b330876c796ee4ab2e13af6b86fb142dbe7f598c73f2b7d4093e6d0f95dae9ddce956ac08e5a5ef191dd63820f26a2ee0f11e75b1c11c3e53b299dbe52

  • SSDEEP

    3072:TkT+VwL2ppo39HsM+/nW6fr5hQPtG5MLHSx8RT5+kJNEJ1YQ/os0DSMf:QTuvpopg/ts1G50y+RT5+jJp//0DSu

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3500-138-0x0000000010410000-0x000000001043F000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\3500-138-0x0000000010410000-0x000000001043F000-memory.exe"
    1⤵
      PID:2184
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2184 -s 220
        2⤵
        • Program crash
        PID:1576
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2184 -ip 2184
      1⤵
        PID:552

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads