Overview

overview

3

Static

static

3

wireguardsetup.exe

windows7-x64

1

wireguardsetup.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03/10/2023, 14:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    wireguardsetup.exe

  • Size

    20.9MB

  • MD5

    ae5fd5f483713e5490441825333644fc

  • SHA1

    7817f4091fd0c4fef2f30a6331a926b7176758e4

  • SHA256

    88ac32e91a53c852ee024a1aac0f1e1fa29e43020427bde6986ab5c404bafeb1

  • SHA512

    7f38a83b3a9c9029926be6f3f06867fb732b94904e300efaedf73c46a1db4d87322734517775d80d50a19a73a71807aabf69d0065ac7a57ce78a2390af4fb2de

  • SSDEEP

    49152:VgPnkYckuOEUrh1w3BDXcydh7Tt0DwdShTonT8E0ei+TsJeKI4e338fKg0PExp5B:

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\wireguardsetup.exe
    "C:\Users\Admin\AppData\Local\Temp\wireguardsetup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2120 -s 516
      2⤵
        PID:2180

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2120-1-0x000007FEF59E0000-0x000007FEF63CC000-memory.dmp

            Filesize

            9.9MB

            Download

          • memory/2120-0-0x0000000000980000-0x0000000001E78000-memory.dmp

            Filesize

            21.0MB

            Download

          • memory/2120-2-0x000007FEF59E0000-0x000007FEF63CC000-memory.dmp

            Filesize

            9.9MB

            Download