Analysis
-
max time kernel
137s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
03/12/2022, 02:27
General
-
Target
bf4b54ec61c61d01cd65181056566a8da00ba6067aeec6788bd5dd04c70520c7.exe
-
Size
95KB
-
MD5
3e6cc7d9c8141b7eb24cfccdb84a38ab
-
SHA1
805705ce83d92d3ec0bd03e9bf05770924ecc41f
-
SHA256
bf4b54ec61c61d01cd65181056566a8da00ba6067aeec6788bd5dd04c70520c7
-
SHA512
a0f88ecc791dc2edece61f31c91e47106292abae79b3b0da96bb7a9e31c636ad6d05789b80c9c9e7d6caa0485a16bde9da4bd4d0b6c7bdb54dc1743f150b3e6f
-
SSDEEP
1536:TcZBzsc//////eHLamQe+O2meYxFzU1I+KofPuenCI7+oIc/nf2bFztcn06bZ:Tc74c//////R3eONYxFzlLQW5oIc/feq
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 5 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bf4b54ec61c61d01cd65181056566a8da00ba6067aeec6788bd5dd04c70520c7.exe"C:\Users\Admin\AppData\Local\Temp\bf4b54ec61c61d01cd65181056566a8da00ba6067aeec6788bd5dd04c70520c7.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\bf4b54ec61c61d01cd65181056566a8da00ba6067aeec6788bd5dd04c70520c7.exeC:\Users\Admin\AppData\Local\Temp\bf4b54ec61c61d01cd65181056566a8da00ba6067aeec6788bd5dd04c70520c7.exe2⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2956 -s 803⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 2956 -ip 29561⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
60KB