Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20230831-en -
resource tags
-
submitted
19-09-2023 06:52
General
-
Target
k7432982.exe
-
Size
393KB
-
MD5
383bee6167a05d96266c75c521797494
-
SHA1
67815b143c0d3dab12da5a0c3ec34211b104400d
-
SHA256
57f323470d018b0714f9d928ff7d0424e3c3622d65ce33711d6f556c30f92884
-
SHA512
97790113a18df17bf3a96e4ebb3bb58599796b23d73d99425558d2aea089a14d0d9f5997a8ac1bc1b86591041d689c06f47169f0ab53f9d6f6f05ea33cbb235a
-
SSDEEP
12288:njFIqiG59ounkpxTDmQTaUNBY5/XQ/V1Sa:njFL52xTDraEY5/XQ/Vs
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 21 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\k7432982.exe"C:\Users\Admin\AppData\Local\Temp\k7432982.exe"
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2248 -s 196
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2248-1-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-0-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-2-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-3-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-4-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-5-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-6-0x00000000FFFDE000-0x00000000FFFDF000-memory.dmpFilesize
4KB
-
memory/2248-7-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-9-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/2248-11-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB