Analysis

  • max time kernel
    149s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
  • submitted
    29-11-2022 13:17

General

  • Target

    86555a8c66bb0ac73f10ee9f5e49fd359bb037e533d61841495d982e13f770f7.exe

  • Size

    118KB

  • MD5

    abad567f6ce4ec5353618c22471e2c52

  • SHA1

    8b13792ba7ccd38c00261fc7e2b14d1d3d431aba

  • SHA256

    86555a8c66bb0ac73f10ee9f5e49fd359bb037e533d61841495d982e13f770f7

  • SHA512

    5194837170c61a0ce354acb8c12d18a623f47eecfc66071c44d3aca7c68eeb7ceb8f1d642f02897e288e1980980d5b76b53656454629e2b6bc1508a51b4e9ce7

  • SSDEEP

    3072:equF0JUDBygV9xYQAhN7fUCBNn11H9SqUp6:eh0JdC9xYjhN771Jx

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86555a8c66bb0ac73f10ee9f5e49fd359bb037e533d61841495d982e13f770f7.exe
    "C:\Users\Admin\AppData\Local\Temp\86555a8c66bb0ac73f10ee9f5e49fd359bb037e533d61841495d982e13f770f7.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2656
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2656 -s 284
      2⤵
      • Program crash
      PID:2900
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 2656 -ip 2656
    1⤵
      PID:2424

    Network

    MITRE ATT&CK Matrix
