97752d289aaf282b1b51b7d96376220dcf75bcad1f030302e2af601b294b1e41 | Triage

Analysis

max time kernel
26s
max time network
31s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
08-07-2023 10:51

Sharing

Report Analysis Logs

General

Target

72914b5b019fd3exeexeexeex.exe
Size

2.1MB
MD5

72914b5b019fd34497671eae17a613aa
SHA1

72e666210d48747680d6bb616942137cffffab4d
SHA256

97752d289aaf282b1b51b7d96376220dcf75bcad1f030302e2af601b294b1e41
SHA512

75cdb7df7fb6034a875dd7046adda14d9a06fe62d14e3ca1052c3defdc811ee1e001122504dcb1511f2adcdb2b13c06e932cc67f8c6564adea9742e27ad8c87b
SSDEEP

49152:eE1qFs3oDbhFAhZw2S25TnAf5GPcDHkjsh3ANkTTl:os3oDbhFqSzGPcoQ3AM

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2408	2356	WerFault.exe	28

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2356 wrote to memory of 2408	2356	72914b5b019fd3exeexeexeex.exe	29
PID 2356 wrote to memory of 2408	2356	72914b5b019fd3exeexeexeex.exe	29
PID 2356 wrote to memory of 2408	2356	72914b5b019fd3exeexeexeex.exe	29
PID 2356 wrote to memory of 2408	2356	72914b5b019fd3exeexeexeex.exe	29

C:\Users\Admin\AppData\Local\Temp\72914b5b019fd3exeexeexeex.exe
"C:\Users\Admin\AppData\Local\Temp\72914b5b019fd3exeexeexeex.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2356
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2356 -s 116
  2⤵
  - Program crash
  PID:2408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads