Analysis

  • max time kernel
    161s
  • max time network
    200s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29/11/2022, 04:14 UTC

General

  • Target

    f52898a7a0d283c24431654982adada9dbc5359259c9f5748808458d473ddb1a.exe

  • Size

    287KB

  • MD5

    039e00216be710c9bfd9996f19a685b0

  • SHA1

    7b22756b81426458d7e45f2ebd8fd7ca655fe417

  • SHA256

    f52898a7a0d283c24431654982adada9dbc5359259c9f5748808458d473ddb1a

  • SHA512

    c053271be75415a83961378d1523012822f47d2c7778e83b6a805b76e8be5f686379b40e15671c744b75271443c255cf1a663d8de3e43d6d69add16817d81f86

  • SSDEEP

    6144:XIQsbun/1o3F3eZZJDZfgPOmCTC+bgC93joA6bp6Hky3+hekFuD:X0bun/W34ZZJ1cjCT3bgO16bY+AD

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f52898a7a0d283c24431654982adada9dbc5359259c9f5748808458d473ddb1a.exe
    "C:\Users\Admin\AppData\Local\Temp\f52898a7a0d283c24431654982adada9dbc5359259c9f5748808458d473ddb1a.exe"
    1⤵
      PID:2476
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2476 -s 416
        2⤵
        • Program crash
        PID:4308
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 2476 -ip 2476
      1⤵
        PID:2860

      Network

      • flag-unknown
        DNS
        164.2.77.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        164.2.77.40.in-addr.arpa
        IN PTR
        Response
      • flag-unknown
        DNS
        9.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.3.0.4.0.0.3.0.1.3.0.6.2.ip6.arpa
        Remote address:
        8.8.8.8:53
        Request
        9.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.3.0.4.0.0.3.0.1.3.0.6.2.ip6.arpa
        IN PTR
        Response
      • 8.8.8.8:53
        164.2.77.40.in-addr.arpa
        dns
        70 B
        144 B
        1
        1

        DNS Request

        164.2.77.40.in-addr.arpa

      • 8.8.8.8:53
        9.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.3.0.4.0.0.3.0.1.3.0.6.2.ip6.arpa
        dns
        118 B
        204 B
        1
        1

        DNS Request

        9.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.3.0.4.0.0.3.0.1.3.0.6.2.ip6.arpa

      MITRE ATT&CK Matrix
