Analysis

  • max time kernel
    135s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230221-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230221-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/03/2023, 13:54

General

  • Target

    1320-56-0x0000000000400000-0x00000000004AD000-memory.exe

  • Size

    692KB

  • MD5

    dc3f116971f64aee1d5ae5e339d76a8d

  • SHA1

    69258f36586f65c92788b04695458d25a90a3d99

  • SHA256

    e8ccaf51b552e76dfbb28bc9ad1edb8a572f8e0eaff114ec9ba5535970159ca0

  • SHA512

    2c72b35d24a7023d192e5dca06485d9a8e5e29ad1c5f20748aa3fce91403937b72ccf383339910dbe9c8c2eb699d580b23b5c222bb545aa1745d3d334c2d3484

  • SSDEEP

    3072:wfKWoyNoVUE3Hnrn5iH6xxkhdbV5Vk6T23Ls/C0Bi:+KWbOVUujoH6sN/VkJLs/C

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1320-56-0x0000000000400000-0x00000000004AD000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\1320-56-0x0000000000400000-0x00000000004AD000-memory.exe"
    1⤵
      PID:1352
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1352 -s 216
        2⤵
        • Program crash
        PID:4620
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 1352 -ip 1352
      1⤵
        PID:2160

Network

MITRE ATT&CK Matrix
