Analysis
-
max time kernel
121s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20230712-en -
resource tags
arch:x64 arch:x86 image:win7-20230712-en locale:en-us os:windows7-x64 system -
submitted
22/07/2023, 01:06
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe
Resource
win7-20230712-en
2 signatures
150 seconds
General
-
Target
295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe
-
Size
907KB
-
MD5
1dc6a4dd8ac552c5bb6aa2f12d83926b
-
SHA1
3c06b68bc42bc79523815d47af13b6b69be6946a
-
SHA256
295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87
-
SHA512
d140fef3db69539e755366cd7ff94e8df5a475093012732ba243d886b664cdb726a726cb4c5e60f8c1e36f2829fddd193413b27b2ea8f2ef5a86b5b4ff346a04
-
SSDEEP
24576:2PYPgrtqyNZPoFJhdK/FtzVOCie84PPtU+e:2w2qyNZAgMH4PPtg
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid | pid_target | Process | procid_target
2824 | 2136 | WerFault.exe | 27
-
Suspicious use of WriteProcessMemory 4 IoCs
description | pid | Process | procid_target
PID 2136 wrote to memory of 2824 | 2136 | 295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe | 30
PID 2136 wrote to memory of 2824 | 2136 | 295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe | 30
PID 2136 wrote to memory of 2824 | 2136 | 295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe | 30
PID 2136 wrote to memory of 2824 | 2136 | 295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe | 30
Processes
-
C:\Users\Admin\AppData\Local\Temp\295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe
"C:\Users\Admin\AppData\Local\Temp\295757477a07e2f8c97054d3293539518781c52206b5deb274f955082d8e7d87.exe" 1⤵
- Suspicious use of WriteProcessMemory
PID:2136 -
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2136 -s 680 2⤵
- Program crash
PID:2824
-