Analysis
max time kernel
135s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags
arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
submitted
05-06-2023 05:56
Behavioral task
behavioral1
Sample
3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
Resource
win7-20230220-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
Resource
win10v2004-20230220-en
windows10-2004-x64
2 signatures
150 seconds
General
Target
3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
Size
199KB
MD5
ade9d41bc7390202584d1282aa3fe49e
SHA1
ca99ab8911cfcb730532eb4a8e47a00d4111a441
SHA256
3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212
SHA512
3a56d9a22051641dc28fe027ef3855600f92c75cdb473f9fbf0a434c8e856c07bbfba570327c52ed1fdb7f84c0841ae633503ca73024e73ca9d76710faa7c64e
SSDEEP
3072:ymhFlEiEuuo6QW/+17Eq6tVv9rv81gfECQ:ymhFlEQuN+TOlC
Score
3/10
Malware Config
Signatures
Program crash (1 IoCs)
Processes:
WerFault.exe: pid 4296, pid_target 4528, process WerFault.exe, target process 3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
Processes:
3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe: pid 4528, process 3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
Processes
C:\Users\Admin\AppData\Local\Temp\3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe
"C:\Users\Admin\AppData\Local\Temp\3483691270d16b0efc8aca6864941b509e8bf9f629b2fea5d2d9ff0f8f4e8212.exe"
- Suspicious use of SetWindowsHookEx
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4528 -s 424
- Program crash
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4528 -ip 4528