Analysis
-
max time kernel
145s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system -
submitted
02-10-2023 10:25
Static task
static1
Behavioral task
behavioral1
Sample
586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017_JC.exe
-
Size
584KB
-
MD5
785dcca262cddcd033fed54d0e811a28
-
SHA1
474f5e5455b4a832aad2b95fafef4a6ef71b3075
-
SHA256
586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017
-
SHA512
f5d1cd7568edd34bdd38df0f6fb87e31c93f361a806d6f855b4a6400de7669a1e70b9ef196ce3be804703c6d3fb9d71ec59eeae40fa9ce22b3a1821a0fe8cb4e
-
SSDEEP
12288:IZhN0lAK0EkRE7Y4GBtRX3B7ltkiurpg81EP4:mOb0EEEMBtRXR7/zudg8h
Malware Config
Signatures
-
Program crash 1 IoCs
pid   pid_target  Process       procid_target
4948  3732        WerFault.exe  84
-
Suspicious use of SetWindowsHookEx 2 IoCs
pid   Process
3732  586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017_JC.exe
3732  586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017_JC.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017_JC.exe
  "C:\Users\Admin\AppData\Local\Temp\586a18085369848fd7a62ea07721bbeaf4acb0abd56697ffeb3546f49c5ee017_JC.exe"
  - Suspicious use of SetWindowsHookEx
  PID:3732
  - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 3732 -s 608
    - Program crash
    PID:4948
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3732 -ip 3732
  PID:2584