Analysis
-
max time kernel
27s -
max time network
31s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
06/04/2023, 23:14
Static task
static1
Behavioral task
behavioral1
Sample
GTAG GUI.exe
Resource
win7-20230220-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
GTAG GUI.exe
Resource
win10v2004-20230220-en
12 signatures
150 seconds
General
-
Target
GTAG GUI.exe
-
Size
60KB
-
MD5
45e704327dc60ee44308d852f2559d2a
-
SHA1
9514b3ad4e4ac2ffaaf1a53bd365e183b12d42ed
-
SHA256
0c071497334f0ece1f7217f0572b13c78ae1a37f466993ddea8f48e99826606d
-
SHA512
71a74ec690e32543a1cfb002d5fc12802b38afe241b3e5a17ffe2b8943387fc0bb6f4a8b6a0714c475963faf91a8511d912f8c7622c7f03664c095d6428da5d5
-
SSDEEP
1536:fL9vF5BfilV2j1FQ9UlWlMV13cLSHX/Yow70DmVH9q:fVBfiuLX/YGN
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 1584 1724 WerFault.exe 26 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 1724 wrote to memory of 1584 1724 GTAG GUI.exe 27 PID 1724 wrote to memory of 1584 1724 GTAG GUI.exe 27 PID 1724 wrote to memory of 1584 1724 GTAG GUI.exe 27 PID 1724 wrote to memory of 1584 1724 GTAG GUI.exe 27