Overview

overview

3

Static

static

1

splwww26.exe

windows7-x64

1

splwww26.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    71s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-08-2023 07:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    splwww26.exe

  • Size

    572KB

  • MD5

    1da77e0425378882de3d921a7f265c58

  • SHA1

    08d09895a1919bc7acd52d4a182594278e6fd586

  • SHA256

    eeebc8d727692cd35de9ed8489f09cd9af551b884eb9b0751b5690933b448f09

  • SHA512

    9f84542065b0c161efaf2c0b91055c0dab52709744d51da7cd78533baf195a447f8d379ca6c6a0c4ee64d99727c33f7f28834e7d586e9c99e43da04f93cda3ed

  • SSDEEP

    6144:fU8YMMZ5jVUBFu9ujMekbfGVT7xL0inr1+hBpNDSrk7kRf:3FOeNkbfGV7xR1+/pNDSrVf

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\splwww26.exe
    "C:\Users\Admin\AppData\Local\Temp\splwww26.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:4608
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 4608 -s 1532
      2⤵
      • Program crash
      PID:3368
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 444 -p 4608 -ip 4608
    1⤵
      PID:444

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4608-133-0x00007FF9E7E90000-0x00007FF9E7EA0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4608-140-0x0000025757830000-0x0000025757831000-memory.dmp

      Filesize

      4KB

      Download