Overview

overview

7

Static

static

3

OfficeSetup.exe

windows7-x64

3

OfficeSetup.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230712-es
  • resource tags

    arch:x64arch:x86image:win7-20230712-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    22-08-2023 02:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OfficeSetup.exe

  • Size

    8.0MB

  • MD5

    6f941c5bedcbd6136ad7654db656f242

  • SHA1

    5387ac8faae7cee44fe3c944b84496cbdb23a0da

  • SHA256

    412f7d65592bb0da18f7e7bc5c7f89c917b4e1f3f8ad525b1ad9bc62768b0a0d

  • SHA512

    5976cac68076ed34fb23a29de91cba73d1bfd92ba393410fe7f5b0df35aa86436d7b8aba5a8fcd3fdd318db9df215b723ec2f0f80d29523acdb3972331f8d976

  • SSDEEP

    196608:8qHkoqMYaCdxYmmiy442ufAoVyyGFvp3hTMDbaHeyv6q:OMYTxYtiy4ZufARFvp3AGHeyv6q

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\OfficeSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\OfficeSetup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:532
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 532 -s 580
      2⤵
      • Program crash
      PID:2652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads