Analysis
-
max time kernel
38s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
04/12/2022, 13:23
General
-
Target
e51396d7b003512c8447e90ecde9f4d0a8ed3f46dd6bc4c74c50cda46da6b0f5.exe
-
Size
312KB
-
MD5
7b4f322a71c484aa1e1427ad8caf2985
-
SHA1
0bbe4dcada049b622fc9f9994173de9448a71f5e
-
SHA256
e51396d7b003512c8447e90ecde9f4d0a8ed3f46dd6bc4c74c50cda46da6b0f5
-
SHA512
bc119cd8b0383380094492715287482d9f42eb2f4bcbc900843678153944b6b2a042e134201b405f5ee5efb280a867d3ce17f1976694d4a84f4d2ef739438c09
-
SSDEEP
6144:eZU7J3ksDDEo1ftSMgCb9Chgci/C9s1N0bnHSqLnGjk:KU7aeDN1V6wohgcUC9s1NgHSwnGQ
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 9 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\e51396d7b003512c8447e90ecde9f4d0a8ed3f46dd6bc4c74c50cda46da6b0f5.exe"C:\Users\Admin\AppData\Local\Temp\e51396d7b003512c8447e90ecde9f4d0a8ed3f46dd6bc4c74c50cda46da6b0f5.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\e51396d7b003512c8447e90ecde9f4d0a8ed3f46dd6bc4c74c50cda46da6b0f5.exeC:\Users\Admin\AppData\Local\Temp\e51396d7b003512c8447e90ecde9f4d0a8ed3f46dd6bc4c74c50cda46da6b0f5.exe2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 340 -s 883⤵
- Program crash
-
-