Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20230712-en -
resource tags
arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system -
submitted
19/07/2023, 06:23
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
DHL AWB 5016240032.exe
Resource
win7-20230712-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
DHL AWB 5016240032.exe
Resource
win10v2004-20230703-en
12 signatures
150 seconds
General
-
Target
DHL AWB 5016240032.exe
-
Size
593KB
-
MD5
886fab64c6bbcf0791e49b5c030a8c99
-
SHA1
7185f370d3fe7b50e75a3b108f24576bb4fe07bb
-
SHA256
8a22014ada2999b66ab041f0aa93f42fb50b481778ce709272209dc9a96a9135
-
SHA512
31f53738e6bc184aff978ce2cd087281a5eb9aa0d83e2ee0f448fc86b8fa00366941b9511ffee0916efe6ba525521606425c406a566815ce19e06376a033282a
-
SSDEEP
12288:VPYPfY7Q+N3y/VmTcMub+c1buATna6do3wKCMKpcDAhe:VPYPgdN3ypZb++6ATna6dYwT2Ahe
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 2592 2268 WerFault.exe 27 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2268 wrote to memory of 2592 2268 DHL AWB 5016240032.exe 30 PID 2268 wrote to memory of 2592 2268 DHL AWB 5016240032.exe 30 PID 2268 wrote to memory of 2592 2268 DHL AWB 5016240032.exe 30 PID 2268 wrote to memory of 2592 2268 DHL AWB 5016240032.exe 30