Overview

overview

10

Static

static

10

04318899.exe

windows7-x64

3

04318899.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    31s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    03-06-2023 19:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    04318899.exe

  • Size

    124KB

  • MD5

    81d45561da479bd4203b837462ee8b47

  • SHA1

    5d04346363d5d592e1b65b7f5a143b05b0e6318f

  • SHA256

    4ea07dbe6d547f6b5a415630233bac532557f00f3440f6c99e0cf797d72cee76

  • SHA512

    47034ba6a56531118df20ff0f313d46919879880c45b91af91ef725606a3e98e6288a18dabd92ace039ca55fd20e950a3d381ec1a8d18dbf645bcc3af3cc2274

  • SSDEEP

    1536:CFmJzZ9Vl4WJT6dDYdXlEuuyl+9HiJdkXI/ZQN+gC74vqUAstVchTE:SmhFlEiEuuo6QW/+17Eq6tVc9E

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\04318899.exe
    "C:\Users\Admin\AppData\Local\Temp\04318899.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1428
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1428 -s 132
      2⤵
      • Program crash
      PID:1504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads