Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230915-en locale:en-us os:windows10-2004-x64 system
  • submitted
    21/09/2023, 17:35

General

  • Target

    SecuriteInfo.com.Win32.PWSX-gen.29818.21831.exe

  • Size

    196KB

  • MD5

    a1d8fdca35d16eeb222ddd68e98a08bf

  • SHA1

    d1363f3cf1627312e8fc9b51a541564c660daab9

  • SHA256

    088fd63cdce0930d784105665f0b20b809b18900cb42116159a01c7b204543fa

  • SHA512

    107a8c21530cebd3889d41cb7a8763fde1f04173e9c6e41c46fae4549ab17a4b5c841d76d2edb6dd6cb03fc4bde87ae9524156cffc11429603cbe3b79ecdc93d

  • SSDEEP

    3072:7Dvy7RyOjFD4ANT32x8T9mNJMfHp4ooblYitaknK8pUdVAg0FujCoF01s8mEbM:7DvAUMP9Gx8JYEHBUlftv4AORF0WpeM

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.PWSX-gen.29818.21831.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.PWSX-gen.29818.21831.exe"
    1⤵
    • Adds Run key to start application
    PID:3088
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3088 -s 672
      2⤵
      • Program crash
      PID:2648
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 3088 -ip 3088
    1⤵
      PID:2916

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3088-0-0x0000000001450000-0x0000000001452000-memory.dmp

    Filesize

    8KB