Analysis

  • max time kernel
    204s
  • max time network
    207s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29/11/2022, 06:57 UTC

General

  • Target

    1966bd9b23b564ae2de3efea6bce5bb748e5a4b069c79e7ef3e49b7d191998da.exe

  • Size

    177KB

  • MD5

    00025d44068be95bdab6f1b12e904a25

  • SHA1

    39a1a47fc0196ac629d842767ad1bd5ff2d5c07b

  • SHA256

    1966bd9b23b564ae2de3efea6bce5bb748e5a4b069c79e7ef3e49b7d191998da

  • SHA512

    007a3cba208992c815937eb0443eb21bf2541aa5d8ae5529f84bd3667c06ca4df2b02f82d8f63b59f432b0474645fff3c9cb77fed9ad2ccda131f3627dfc617e

  • SSDEEP

    1536:iMASiLNFZdO/Lf7QrZLjc8wxisKldlK0KxRw7Cx53+/FzLAi2p:i3vO/Q9LY8JZK9HSCx5O/FN6

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1966bd9b23b564ae2de3efea6bce5bb748e5a4b069c79e7ef3e49b7d191998da.exe
    "C:\Users\Admin\AppData\Local\Temp\1966bd9b23b564ae2de3efea6bce5bb748e5a4b069c79e7ef3e49b7d191998da.exe"
    1⤵
      PID:4716
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4716 -s 392
        2⤵
        • Program crash
        PID:2208
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4716 -ip 4716
      1⤵
        PID:3968

      Network

      • flag-unknown
        DNS
        14.110.152.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        14.110.152.52.in-addr.arpa
        IN PTR
        Response
      • 8.8.8.8:53
        14.110.152.52.in-addr.arpa
        dns
        72 B
        146 B
        1
        1

        DNS Request

        14.110.152.52.in-addr.arpa

      MITRE ATT&CK Matrix

      Downloads

      • memory/4716-132-0x0000000000400000-0x0000000000430000-memory.dmp

        Filesize

        192KB

      • memory/4716-133-0x0000000000400000-0x0000000000430000-memory.dmp

        Filesize

        192KB
