Analysis
max time kernel
28s
max time network
30s
platform
windows7_x64
resource
win7-20230220-en
resource tags
arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted
15/03/2023, 00:43
Static task
static1
Behavioral task
behavioral1
Sample
service_updated.exe
Resource
win7-20230220-en
2 signatures
150 seconds
General
Target
service_updated.exe
Size
26KB
MD5
41129b2de89d99f0bd5e1ad1f6440eef
SHA1
48ed7f4ed02069d40eca3e1398cda78df33d94e7
SHA256
6573a46dcc3f3695b69d5f395bc71515b34890ddc4a73b017afab37421512542
SHA512
93c22380c3ae75a1cc087716b94665626b6e0418dc4e1eb65afee536282571ed3a28607a3cf4b7ff1fbbd9ad0cda70349d556c4b0b9a17981357100c6a0d7eca
SSDEEP
384:sJJo2hYvWMUMGYZacX1weJiPRQMFWsXrMTW4g1CwL1CyDb+/cG7myv+pQ6ZD0m3H:lEHqSeJiJVXrM41v1C8bpCT+Zgm3HtN
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
pid   pid_target  Process       procid_target
1076  1340        WerFault.exe  23
Suspicious use of WriteProcessMemory 3 IoCs
description                       pid   Process              procid_target
PID 1340 wrote to memory of 1076  1340  service_updated.exe  29
PID 1340 wrote to memory of 1076  1340  service_updated.exe  29
PID 1340 wrote to memory of 1076  1340  service_updated.exe  29