a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8

Analysis

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
01-09-2023 21:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe
Size

2.1MB
MD5

24c8530091fda649013a4ddf38bda06c
SHA1

59a23ccd19024220d4230864a00dad6873071045
SHA256

a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8
SHA512

43e9e7e60fa939259f3e4f8c004f35574d5e0fc6fde4f87d3661246cc1f7db519b10b4f8a8fbac0ba9bacb4ce278747e480a98e581ed97cab73471f128e9cc47
SSDEEP

49152:mMJBadcKx3xLTtcjelLjND4JHWohd3/Bq+DGPg:mMYcKx3hTtblLZ4JbzPBFDGPg

Score

5^/10

Malware Config

Signatures

Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs

pid	Process
1256	a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1328	1256	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1256 wrote to memory of 1328	1256	a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe	28
PID 1256 wrote to memory of 1328	1256	a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe	28
PID 1256 wrote to memory of 1328	1256	a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe	28
PID 1256 wrote to memory of 1328	1256	a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe	28

C:\Users\Admin\AppData\Local\Temp\a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe
"C:\Users\Admin\AppData\Local\Temp\a0677feead69f9c4e235e376faf0e666f36391478861db7e5c341877a10fdaa8.exe"
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of WriteProcessMemory
PID:1256
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1256 -s 200
  2⤵
  - Program crash
  PID:1328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1256-0-0x0000000000400000-0x0000000000735000-memory.dmp

Filesize
3.2MB

Download
memory/1256-1-0x0000000076040000-0x0000000076087000-memory.dmp

Filesize
284KB

Download
memory/1256-811-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-812-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-814-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-816-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-818-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-820-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-822-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-824-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-826-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-828-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-830-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-832-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-834-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-836-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-838-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-840-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-842-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-844-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-846-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-848-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-850-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-852-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-854-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-856-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-858-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-860-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-862-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-864-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-866-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-868-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-870-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-872-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-2547-0x0000000002230000-0x00000000023B1000-memory.dmp

Filesize
1.5MB

Download
memory/1256-8686-0x0000000002570000-0x0000000002681000-memory.dmp

Filesize
1.1MB

Download
memory/1256-8687-0x0000000000400000-0x0000000000735000-memory.dmp

Filesize
3.2MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads