Analysis
max time kernel: 119s
max time network: 123s
platform: windows7_x64
resource: win7-20230712-en
resource tags: arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
submitted: 19/07/2023, 12:46
Static task static1: 1 signatures
Behavioral task behavioral1: Sample Profoma Invoice.exe, Resource win7-20230712-en, 2 signatures, 150 seconds
Behavioral task behavioral2: Sample Profoma Invoice.exe, Resource win10v2004-20230703-en, 13 signatures, 150 seconds
General
Target: Profoma Invoice.exe
Size: 590KB
MD5: 71a6978a9fa2085234b08af213a85394
SHA1: 387997a190c9b12787827903d8b552f4c2448c4a
SHA256: bd7340bfb3d38cb418bb4c539f63898ea6b7e69823c808665620844313c21ddf
SHA512: e480835b33144e1b96b8edeb6aff492b6706ee359a2d257376592e44f2e6337cd0a4214e5f42b8298b0bf5b4a4f98e62fb0fdd762a2b17188f64d13dc0de18ba
SSDEEP: 6144:9SnVudiQAPAjPP+iY7JIwd8rTc9BtUYzitmVAWzR4+/7HysCrCFX3mS1B6jKPjp5:eTPYPfY7Hd8rw0wms/0jq8r
Score: 3/10
Malware Config
Signatures
Program crash 1 IoCs
pid | pid_target | Process | procid_target
1404 | 1968 | WerFault.exe | 24
Suspicious use of WriteProcessMemory 4 IoCs
description | pid | Process | procid_target
PID 1968 wrote to memory of 1404 | 1968 | Profoma Invoice.exe | 30
PID 1968 wrote to memory of 1404 | 1968 | Profoma Invoice.exe | 30
PID 1968 wrote to memory of 1404 | 1968 | Profoma Invoice.exe | 30
PID 1968 wrote to memory of 1404 | 1968 | Profoma Invoice.exe | 30