Analysis
max time kernel
147s
max time network
121s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags
arch:x64 arch:x86 image:win10v2004-20230221-en locale:en-us os:windows10-2004-x64 system
submitted
08/03/2023, 10:25
Behavioral task
behavioral1
Sample
3100-138-0x0000000000400000-0x000000000044C000-memory.exe
Resource
win7-20230220-en
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
3100-138-0x0000000000400000-0x000000000044C000-memory.exe
Resource
win10v2004-20230221-en
1 signatures
150 seconds
General
Target
3100-138-0x0000000000400000-0x000000000044C000-memory.exe
Size
304KB
MD5
48ca3ba247d617e756536edaffc1c4e9
SHA1
ecec2af6e8f150ca9412cb5a4d2cb63f12209bfc
SHA256
d28f272be9445f0f5e5d4d04f25f2096e4af0896f214cf6d387d834ae698422e
SHA512
2ef34fa5a3628940a60e82c08a1e3ecf039789ceb6979b324b152204fc5fb45537ce4c3c20318a54c8057428d648a21cd4b3e3bf7479eeed07db181bc23599b6
SSDEEP
3072:VfKj5prNoVUE3Hn5PlWqUeMV7oog/Mhej01QDn9rmH52c:RKj5prOVUuv7UnVU/0hS01QD9
Score
3/10
Malware Config
Signatures
Program crash (1 IoCs)
pid   pid_target  Process       procid_target
1512  2772        WerFault.exe  85
Processes
C:\Users\Admin\AppData\Local\Temp\3100-138-0x0000000000400000-0x000000000044C000-memory.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\3100-138-0x0000000000400000-0x000000000044C000-memory.exe"
  PID: 2772
    C:\Windows\SysWOW64\WerFault.exe
      Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2772 -s 192
      PID: 1512
      - Program crash
C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 2772 -ip 2772
  PID: 3012