Analysis
- max time kernel: 144s
- max time network: 145s
- platform: windows10-2004_x64
- resource: win10v2004-20230220-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 08/03/2023, 08:29
Behavioral task: behavioral1
- Sample: 2824-138-0x0000000000400000-0x000000000044C000-memory.exe
- Resource: win7-20230220-en
- 0 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 2824-138-0x0000000000400000-0x000000000044C000-memory.exe
- Resource: win10v2004-20230220-en
- 1 signatures
- 150 seconds
General
- Target: 2824-138-0x0000000000400000-0x000000000044C000-memory.exe
- Size: 304KB
- MD5: 43e0a26ae7f7aaa39ad670bed26d0d90
- SHA1: 501f2e4367fde3ba37fdc464542e108a4bccc910
- SHA256: 0131ae37d9e913ae9289b09b25eb9da695d9a64693811575f98cbe0ea8a5d1b9
- SHA512: 4ed5a30048202fe0375e4c234b74101bf4aed7196c0e769b730a8d3f6e71f855bd9c6899e639dd8fd67dbefc1e519eb89cddffc0040c15279a7e57c97a8ea94e
- SSDEEP: 3072:VfKCprNoVUE3Hn5PcN6ugTCIKmO8YUAWDE/Rp9AIFGH52c:RKCprOVUuGNYDlO8YI4Zp9AC
Score: 3/10
Malware Config
Signatures
- Program crash (1 IoCs)
  pid: 3916, pid_target: 2620, Process: WerFault.exe, procid_target: 84
Processes
- C:\Users\Admin\AppData\Local\Temp\2824-138-0x0000000000400000-0x000000000044C000-memory.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\2824-138-0x0000000000400000-0x000000000044C000-memory.exe"
  PID: 2620
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2620 -s 216
    Program crash
    PID: 3916
- C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 204 -p 2620 -ip 2620
  PID: 3612