Overview

overview

10

Static

static

10

1532-66-0x...ry.exe

windows7-x64

3

1532-66-0x...ry.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    165s
  • max time network
    195s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-12-2022 09:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1532-66-0x0000000000400000-0x000000000042F000-memory.exe

  • Size

    188KB

  • MD5

    cef4297fcfdd93d75f7bfedd18ef8173

  • SHA1

    a4c8c0562628e3bc90281db35c0bf55a6ce26bcb

  • SHA256

    0566be0c4ad3c0b812ac21e46bb0f2bfe8613abb697b39336cb90b6697cc4469

  • SHA512

    6e658f48e528d5b96778fe1f6224aeb1d59317ff5a005d1f2e40f7a9d884ebc7c45c274547df2ba2c29980f4fc437f5350857c8a2f4459818043b4b056edd616

  • SSDEEP

    3072:ix4Fo2qZvkHcQSqTxbmsxWa5riL+REbc4F4fQCiWaJI2zgK3z1aM7oIAZbGRleFU:No228HRgs/E2EgloCi7JI2zgKjMsoIis

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1532-66-0x0000000000400000-0x000000000042F000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\1532-66-0x0000000000400000-0x000000000042F000-memory.exe"
    1⤵
      PID:4436
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4436 -s 220
        2⤵
        • Program crash
        PID:1372
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4436 -ip 4436
      1⤵
        PID:3360

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads