Overview

overview

10

Static

static

3

tmp.exe

windows7-x64

10

tmp.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    105s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230621-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/07/2023, 10:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.exe

  • Size

    307KB

  • MD5

    53ea87335f8e0980347824df3f281367

  • SHA1

    5308ac8b5a3c5519e4f7781c6d977bd051b9cfb3

  • SHA256

    469ec60cbf223eee75eb22572b1710e33bc935ade15856d2fac717d2c731e8d9

  • SHA512

    b02faa4e4219d30cde290efcd3cb145564413984d1e9d2973719371bbc85adcab4370e49e5ec808d78fcedc63ebb8152c69ea8838c3c55beefd1d0f28a4453c4

  • SSDEEP

    6144:NMIkw+9+AecEG7UjH7bVwiekH56wr/oLETL5ySkSuuPsaAEfrV8:NMnr+A9EG7MHa45zAuL4SkOsa3fB8

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
      PID:3288
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3288 -s 1068
        2⤵
        • Program crash
        PID:3524
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3288 -ip 3288
      1⤵
        PID:2936

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/3288-134-0x0000000004D60000-0x0000000005304000-memory.dmp

              Filesize

              5.6MB

              Download

            • memory/3288-135-0x0000000000860000-0x000000000089E000-memory.dmp

              Filesize

              248KB

              Download

            • memory/3288-136-0x00000000025F0000-0x0000000002600000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-137-0x00000000025F0000-0x0000000002600000-memory.dmp

              Filesize

              64KB

              Download

            • memory/3288-138-0x0000000005380000-0x0000000005412000-memory.dmp

              Filesize

              584KB

              Download

            • memory/3288-140-0x0000000000400000-0x00000000006CA000-memory.dmp

              Filesize

              2.8MB

              Download