Overview

overview

3

Static

static

1

acf1c73e90...09.exe

windows7-x64

3

acf1c73e90...09.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    67s
  • max time network
    134s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/04/2023, 05:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    acf1c73e902349fdc2098328109b3053040d124bd0572ee2c2564d3f13646009.exe

  • Size

    961KB

  • MD5

    f2eea2d7635ddb8269b03b53cbee58fa

  • SHA1

    2f089103c6d4ef03de30e9772a7cede752e9b71a

  • SHA256

    acf1c73e902349fdc2098328109b3053040d124bd0572ee2c2564d3f13646009

  • SHA512

    dd79441761d8a7464defd5a53be7f950a4dbfbe692335b96b0b3883a55594d1db0cfe4a1266a81887f8d7a2c52ef9e1984da00dcfbf5b3dfc5046af752b64ce2

  • SSDEEP

    24576:P1T7m0Xdj0d2f8Cag45rLqkJZJvK5Cvt3jNG4Ipxmznhg:P1DdgdcefJ8CVjE4scg

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Modifies Control Panel 8 IoCs
    evasion

Processes

  • C:\Users\Admin\AppData\Local\Temp\acf1c73e902349fdc2098328109b3053040d124bd0572ee2c2564d3f13646009.exe
    "C:\Users\Admin\AppData\Local\Temp\acf1c73e902349fdc2098328109b3053040d124bd0572ee2c2564d3f13646009.exe"
    1⤵
    • Modifies Control Panel
    PID:3260
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3260 -s 588
      2⤵
      • Program crash
      PID:684
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 3260 -ip 3260
    1⤵
      PID:4700

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3260-133-0x0000000000400000-0x000000000062D000-memory.dmp

      Filesize

      2.2MB

      Download

    • memory/3260-134-0x00000000023C0000-0x0000000002420000-memory.dmp

      Filesize

      384KB

      Download

    • memory/3260-135-0x0000000002430000-0x0000000002431000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-136-0x0000000002420000-0x0000000002421000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-137-0x00000000024A0000-0x00000000024A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-139-0x0000000002490000-0x0000000002491000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-138-0x0000000002470000-0x0000000002471000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-140-0x0000000002460000-0x0000000002461000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-141-0x0000000002450000-0x0000000002451000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-143-0x00000000024E0000-0x00000000024E1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-142-0x00000000024F0000-0x00000000024F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-144-0x0000000002660000-0x0000000002661000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-145-0x0000000002510000-0x0000000002511000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-146-0x0000000002520000-0x0000000002521000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-147-0x00000000024D0000-0x00000000024D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-148-0x00000000026B0000-0x00000000026B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-150-0x00000000026E0000-0x00000000026E1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-149-0x00000000026A0000-0x00000000026A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-152-0x0000000002690000-0x0000000002691000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-151-0x00000000026D0000-0x00000000026D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-154-0x00000000024C0000-0x00000000024C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-153-0x00000000026C0000-0x00000000026C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-155-0x0000000003510000-0x0000000003513000-memory.dmp

      Filesize

      12KB

      Download

    • memory/3260-156-0x0000000003500000-0x0000000003503000-memory.dmp

      Filesize

      12KB

      Download

    • memory/3260-157-0x0000000002380000-0x0000000002381000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-158-0x0000000002390000-0x0000000002391000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3260-159-0x0000000000400000-0x000000000062D000-memory.dmp

      Filesize

      2.2MB

      Download

    • memory/3260-160-0x0000000000400000-0x000000000062D000-memory.dmp

      Filesize

      2.2MB

      Download

    • memory/3260-161-0x00000000023C0000-0x0000000002420000-memory.dmp

      Filesize

      384KB

      Download