Overview

overview

3

Static

static

49d80ace4f...14.exe

windows7-x64

1

49d80ace4f...14.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-01-2023 07:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314.exe

  • Size

    384KB

  • MD5

    d9f3c2b67f40d203ba84917373aa35ba

  • SHA1

    7b3512fd9398f53b880813d549ffec4c3517a4ef

  • SHA256

    49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314

  • SHA512

    875c836420eddd22a253275cf6440667f88b6bd5d8c1866bfd8af0340c7c0c0e34124caa940f255c503adfc2ec6b2981c53e0bc94e6a20078cd49826173999ef

  • SSDEEP

    6144:vZ5o1x3qYyUovIYFJzcBnZ1aa3ChohfavF454IZCGrZ:vzoPbyIYF2BnZkho16ccGrZ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314.exe
    "C:\Users\Admin\AppData\Local\Temp\49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:5000
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 5000 -s 160
      2⤵
      • Program crash
      PID:2304
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 408 -p 5000 -ip 5000
    1⤵
      PID:3040

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads