Overview

overview

3

Static

static

81d3258c02...4c.exe

windows7-x64

3

81d3258c02...4c.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    186s
  • max time network
    197s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-12-2022 02:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81d3258c0210844668ec7482249868920b05e2f97ed93eed44f64e115933b34c.exe

  • Size

    1.9MB

  • MD5

    38ed1482a93e877aa73059ae4d0fa8c4

  • SHA1

    c38f9632058d1a71a1679191406feb105553aa1a

  • SHA256

    81d3258c0210844668ec7482249868920b05e2f97ed93eed44f64e115933b34c

  • SHA512

    55466f9b1ed75371c4855ff286e59a1e82f01a3cb45b21470ef229cb521c1768aadfee7aad4cbabfda0ca35df5c19bd035b85bf51383579b4aa69a585d6cc6b4

  • SSDEEP

    49152:4xIjr6wPSFG2a0bDgfRFqT9EPvLI2ShrNDujwA:4qjr3S023Dg7qT+PBShBDQwA

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\81d3258c0210844668ec7482249868920b05e2f97ed93eed44f64e115933b34c.exe
    "C:\Users\Admin\AppData\Local\Temp\81d3258c0210844668ec7482249868920b05e2f97ed93eed44f64e115933b34c.exe"
    1⤵
      PID:1556
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1556 -s 640
        2⤵
        • Program crash
        PID:1880
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1556 -s 640
        2⤵
        • Program crash
        PID:1188
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 176 -p 1556 -ip 1556
      1⤵
        PID:2384
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 1556 -ip 1556
        1⤵
          PID:3972

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1556-132-0x0000000000400000-0x0000000000BDE000-memory.dmp

          Filesize

          7.9MB

          Download

        • memory/1556-134-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-133-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-135-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-136-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-137-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-138-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-139-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-140-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-141-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/1556-142-0x0000000000400000-0x0000000000BDE000-memory.dmp

          Filesize

          7.9MB

          Download

        • memory/1556-143-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

          Filesize

          368KB

          Download