Overview

overview

3

Static

static

1

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

3

Analysis

  • max time kernel
    291s
  • max time network
    252s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    21/08/2023, 06:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f61cca3faccd6d975aaf85b9e7aacd5018235ea4c5facf880d9fed0bbc4043cf.exe

  • Size

    3.9MB

  • MD5

    ce08f951bd1cb8d2fd62e54512b5fb00

  • SHA1

    7a807b3132a6440199fa1fee460488856e9a6b90

  • SHA256

    f61cca3faccd6d975aaf85b9e7aacd5018235ea4c5facf880d9fed0bbc4043cf

  • SHA512

    e1117bd485ae078b97f5df7b8d2d33039838dcd43aefd844ed231ec222378433ab90f38c42fefe531128aa092356a45807540b78c998b9da081719c16755ac4e

  • SSDEEP

    49152:pgh98D4xlsAOPmUIkUI8RUyvhoDCfVC0fLqaNl1XvGTx/S5rcW8jXNO:Va71fQO

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f61cca3faccd6d975aaf85b9e7aacd5018235ea4c5facf880d9fed0bbc4043cf.exe
    "C:\Users\Admin\AppData\Local\Temp\f61cca3faccd6d975aaf85b9e7aacd5018235ea4c5facf880d9fed0bbc4043cf.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:4012
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 4012 -s 1160
      2⤵
      • Program crash
      PID:4364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4012-117-0x0000000000400000-0x00000000007F2000-memory.dmp

    Filesize

    3.9MB

    Download

  • memory/4012-119-0x00007FFF99800000-0x00007FFF99BE4000-memory.dmp

    Filesize

    3.9MB

    Download