Overview

overview

3

Static

static

b1477ca086...96.exe

windows7-x64

3

b1477ca086...96.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    19s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    03/12/2022, 19:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b1477ca0867a34c1fde40d6e41c0b54b046a47f115c47f1bf03bcd7349769b96.exe

  • Size

    216KB

  • MD5

    059b5f957b32840d5b3a6cb12ade8031

  • SHA1

    76cea0a009dfc8f81a5e590ba2c9ba6b0d809f30

  • SHA256

    b1477ca0867a34c1fde40d6e41c0b54b046a47f115c47f1bf03bcd7349769b96

  • SHA512

    ccf9e7a2ede8326586939f0987211994a4f599f2094bd412ca50b926e9a6fad4c037bdb870566802abfff5167b2266d95fb9b501781953a0dd04c60df24cbf31

  • SSDEEP

    6144:h+ri+ewH89guKBQgfRpz+UH6/CqrxIwaYfTYiItK:COw8guKG81+UH6qSxe4TYE

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b1477ca0867a34c1fde40d6e41c0b54b046a47f115c47f1bf03bcd7349769b96.exe
    "C:\Users\Admin\AppData\Local\Temp\b1477ca0867a34c1fde40d6e41c0b54b046a47f115c47f1bf03bcd7349769b96.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1640
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1640 -s 124
      2⤵
      • Program crash
      PID:1724

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1640-54-0x0000000000400000-0x0000000000430000-memory.dmp

          Filesize

          192KB

          Download

        • memory/1640-56-0x0000000000400000-0x0000000000430000-memory.dmp

          Filesize

          192KB

          Download

        • memory/1640-57-0x0000000000220000-0x0000000000224000-memory.dmp

          Filesize

          16KB

          Download

        • memory/1640-58-0x0000000000260000-0x0000000000299000-memory.dmp

          Filesize

          228KB

          Download

        • memory/1640-59-0x0000000001E51000-0x0000000001E55000-memory.dmp

          Filesize

          16KB

          Download

        • memory/1640-60-0x0000000001E60000-0x0000000001F60000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/1640-61-0x0000000001E60000-0x0000000001F60000-memory.dmp

          Filesize

          1024KB

          Download