Overview

overview

10

Static

static

10

536-474-0x...ry.exe

windows7-x64

1

536-474-0x...ry.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    91s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-03-2023 03:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    536-474-0x0000000000400000-0x000000000046C000-memory.exe

  • Size

    432KB

  • MD5

    0f5bd38537ab181f0c440bec1ef314cd

  • SHA1

    0ff38b4d1b02e557a447d05036ad1769c9a54587

  • SHA256

    2643aa8dece4ed35ee8f59eb3496197a2f488c5561096744170d4e34e7b3c210

  • SHA512

    5686866237af2e7d9f6994a9337f0ffaaeb4f53d4d18aa4a275e10ba735663f23bc0b63450dedbc06a744bd99e2b85214912a35777c1edd740e21e91134fe74e

  • SSDEEP

    6144:cuQRHexo0nwlQvG4IyynVKzVKJ5/eRFHVmGiO/9o0wVEhKh+ga:cuQRHexo0n24zVK32RRVmGiwwVbh3

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\536-474-0x0000000000400000-0x000000000046C000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\536-474-0x0000000000400000-0x000000000046C000-memory.exe"
    1⤵
      PID:4932
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4932 -s 216
        2⤵
        • Program crash
        PID:820
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4932 -ip 4932
      1⤵
        PID:2036

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads