Analysis
-
max time kernel
61s -
max time network
34s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
09-12-2022 09:47
General
-
Target
1532-66-0x0000000000400000-0x000000000042F000-memory.exe
-
Size
188KB
-
MD5
cef4297fcfdd93d75f7bfedd18ef8173
-
SHA1
a4c8c0562628e3bc90281db35c0bf55a6ce26bcb
-
SHA256
0566be0c4ad3c0b812ac21e46bb0f2bfe8613abb697b39336cb90b6697cc4469
-
SHA512
6e658f48e528d5b96778fe1f6224aeb1d59317ff5a005d1f2e40f7a9d884ebc7c45c274547df2ba2c29980f4fc437f5350857c8a2f4459818043b4b056edd616
-
SSDEEP
3072:ix4Fo2qZvkHcQSqTxbmsxWa5riL+REbc4F4fQCiWaJI2zgK3z1aM7oIAZbGRleFU:No228HRgs/E2EgloCi7JI2zgKjMsoIis
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\1532-66-0x0000000000400000-0x000000000042F000-memory.exe"C:\Users\Admin\AppData\Local\Temp\1532-66-0x0000000000400000-0x000000000042F000-memory.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1404 -s 362⤵
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1672-54-0x0000000000000000-mapping.dmp