Analysis
-
max time kernel
68s -
max time network
130s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system -
submitted
03-12-2022 17:18
Static task
static1
Behavioral task
behavioral1
Sample
33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe
Resource
win10v2004-20220812-en
General
-
Target
33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe
-
Size
152KB
-
MD5
1fa57cfd66534bac91ff5ffb332acb29
-
SHA1
bd3ae503220811614910459646272f2aacdd1003
-
SHA256
33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197
-
SHA512
c33ed7bd7c9c769a99ec50a41363407855e92776dd06db24db65981d08fbeb0297409e25ff00b20137773fa69578f6d7e5268cb55927f1e5abda1cb95042fbed
-
SSDEEP
1536:c1DMz1DQvXLq6t7awFONecenlLnQHIG5R9c73P600t:9eGw9A0rC00t
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exe
pid: 5068 | pid_target: 4808 | process: WerFault.exe | target process: 33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe
pid: 4808 | process: 33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe
"C:\Users\Admin\AppData\Local\Temp\33c6b2be9c8053315672c2d4d8fa376d1d93be144d49f39d93d0a58dc0a74197.exe" 1⤵
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4808 -s 468 2⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 4808 -ip 4808 1⤵