1627aef35315ea3e39e5029534cf62e814588844dfc0489cfd3ac2c4cdd9e90c

Analysis

max time kernel
127s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
31/08/2023, 08:59 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1627aef35315ea3e39e5029534cf62e814588844dfc0489cfd3ac2c4cdd9e90c.exe
Size

6KB
MD5

d360f9d3d7fc58118fd47f1a4ba01eea
SHA1

713046cec6a8686758a72d443126f35055ad3da7
SHA256

1627aef35315ea3e39e5029534cf62e814588844dfc0489cfd3ac2c4cdd9e90c
SHA512

a5aabf14e9be38702d73408dec962a0fe6f7f0e69f1b0e0784c5fa6c940d64c597770ccf249e72ece4e3bfae7b5f65cb7112b6a4c06f3c2518cfccc44b111668
SSDEEP

48:SIVbt0S4FVgCp471Ib4Fc/38+N7DYocHa23WlTpebVetFygFI5a2oxdVoZiG/9u6:90mIGnFc/38+N4ZHJWSY9FI5Wq8x

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4440	2052	WerFault.exe	80

C:\Users\Admin\AppData\Local\Temp\1627aef35315ea3e39e5029534cf62e814588844dfc0489cfd3ac2c4cdd9e90c.exe
"C:\Users\Admin\AppData\Local\Temp\1627aef35315ea3e39e5029534cf62e814588844dfc0489cfd3ac2c4cdd9e90c.exe"
1⤵
PID:2052
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2052 -s 152
  2⤵
  - Program crash
  PID:4440

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 408 -p 2052 -ip 2052
1⤵
PID:2932

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

59.128.231.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.128.231.4.in-addr.arpa

IN PTR

Response
DNS

126.22.238.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

126.22.238.8.in-addr.arpa

IN PTR

Response
DNS

67.31.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.31.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

2.136.104.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.136.104.51.in-addr.arpa

IN PTR

Response
DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

18.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.134.221.88.in-addr.arpa

IN PTR

Response

18.134.221.88.in-addr.arpa

IN PTR

a88-221-134-18deploystaticakamaitechnologiescom
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

85.65.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

85.65.42.20.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

59.128.231.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

59.128.231.4.in-addr.arpa
8.8.8.8:53

126.22.238.8.in-addr.arpa

dns

71 B
125 B
1
1

DNS Request

126.22.238.8.in-addr.arpa
8.8.8.8:53

67.31.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

67.31.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

2.136.104.51.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.136.104.51.in-addr.arpa
8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

18.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

18.134.221.88.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

85.65.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

85.65.42.20.in-addr.arpa

Windows 7 deprecation

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.