5ff384f3c247b8a8d159f7818c36ba3cb57dc9e2833830ee0923142a3438fdc3 | Triage

Analysis

max time kernel
28s
max time network
32s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
10/07/2023, 14:02

Sharing

Report Analysis Logs

General

Target

c3aee7151ee617exeexeexeex.exe
Size

1.1MB
MD5

c3aee7151ee617cab6cd470a226ff028
SHA1

da352af2d20a5bf5fec854261c5724f7269eeaa6
SHA256

5ff384f3c247b8a8d159f7818c36ba3cb57dc9e2833830ee0923142a3438fdc3
SHA512

b9cb5ca79841927dde8479578818945966389eced2a950d4b7f78eef81e27ee78b27a774d6c469030f438d0b0333954be3105d86c40953208d9b6329ff9104cb
SSDEEP

24576:I5Rn96MtjKklcLoUYa0E8kzbusf2AtMorIbsrg33:QRndtjKkkoUj0E8/shQOi3

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2208	2288	WerFault.exe	28

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2288	c3aee7151ee617exeexeexeex.exe
2288	c3aee7151ee617exeexeexeex.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2288 wrote to memory of 2208	2288	c3aee7151ee617exeexeexeex.exe	29
PID 2288 wrote to memory of 2208	2288	c3aee7151ee617exeexeexeex.exe	29
PID 2288 wrote to memory of 2208	2288	c3aee7151ee617exeexeexeex.exe	29
PID 2288 wrote to memory of 2208	2288	c3aee7151ee617exeexeexeex.exe	29

C:\Users\Admin\AppData\Local\Temp\c3aee7151ee617exeexeexeex.exe
"C:\Users\Admin\AppData\Local\Temp\c3aee7151ee617exeexeexeex.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2288
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2288 -s 316
  2⤵
  - Program crash
  PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads