42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
24-09-2023 02:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077.exe
Size

826KB
MD5

02db6f659a1e6740773fed3819cfdc3d
SHA1

4abc617354e0600f038f2e7e4a8db4965057558f
SHA256

42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077
SHA512

ad3c5c18d8e0bac84dcb488819df23913ba482f53227026dfe4337b0e32b496ef267ff939f8c2354a8352691dc8ed4f78ad61d1206fa45700bfc580f29bf70e6
SSDEEP

24576:BwDjkyn1guvI7irMjbfzXEw3gwDAIL0wCLQK:BCX6uveirsEWVDAIL1c

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1192	1908	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1908 wrote to memory of 1192	1908	42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077.exe	28
PID 1908 wrote to memory of 1192	1908	42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077.exe	28
PID 1908 wrote to memory of 1192	1908	42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077.exe	28
PID 1908 wrote to memory of 1192	1908	42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077.exe	28

C:\Users\Admin\AppData\Local\Temp\42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077.exe
"C:\Users\Admin\AppData\Local\Temp\42481c63ce94af8ce5cf7063578d957780b4eb2bee1a70987a3d98228044d077.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1908
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1908 -s 120
  2⤵
  - Program crash
  PID:1192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1908-0-0x0000000000400000-0x00000000004DC000-memory.dmp

Filesize
880KB

Download
memory/1908-1-0x00000000765F0000-0x0000000076637000-memory.dmp

Filesize
284KB

Download
memory/1908-811-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-812-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-814-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-816-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-818-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-820-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-822-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-824-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-826-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-828-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-830-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-832-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-834-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-836-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-838-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-840-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-842-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-844-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-846-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-848-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-850-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-852-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-854-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-856-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-858-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-860-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-862-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-864-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-866-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-868-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-870-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download
memory/1908-872-0x0000000002280000-0x0000000002391000-memory.dmp

Filesize
1.1MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads