Overview

overview

3

Static

static

3

1c2e6618c9...24.exe

windows7-x64

1

1c2e6618c9...24.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2023, 11:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1c2e6618c91dfa36e8a4a672fff0346351029101e366ca588a09f9ad2f1eff24.exe

  • Size

    420KB

  • MD5

    8e01aec8f4c6534d6e1cd4fc9d4d5da6

  • SHA1

    404dfa1ad75893e36b06f9233be48d6d8b155f98

  • SHA256

    1c2e6618c91dfa36e8a4a672fff0346351029101e366ca588a09f9ad2f1eff24

  • SHA512

    84d37f60106100bbb7772f09c37c24ef4494f1e909e43573a04d489fefc18787cd335b82e89de2d5368f7e97fa81c264b9feab87287ef98871cf244514355079

  • SSDEEP

    6144:FnP3xCHPVCh+gCwC9G6+O5h+CXlaeIbftdKMPPbYh+VuVF00TKOk3SMxNTK:FP3MHPGtCx3+CXm5PEF0Ola5

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1c2e6618c91dfa36e8a4a672fff0346351029101e366ca588a09f9ad2f1eff24.exe
    "C:\Users\Admin\AppData\Local\Temp\1c2e6618c91dfa36e8a4a672fff0346351029101e366ca588a09f9ad2f1eff24.exe"
    1⤵
      PID:4272
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4272 -s 1092
        2⤵
        • Program crash
        PID:3328
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4272 -ip 4272
      1⤵
        PID:2588

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4272-0-0x00000000021E0000-0x000000000221B000-memory.dmp

        Filesize

        236KB

        Download

      • memory/4272-1-0x0000000000480000-0x00000000004D0000-memory.dmp

        Filesize

        320KB

        Download

      • memory/4272-2-0x0000000000400000-0x0000000000476000-memory.dmp

        Filesize

        472KB

        Download

      • memory/4272-3-0x0000000074480000-0x0000000074C30000-memory.dmp

        Filesize

        7.7MB

        Download

      • memory/4272-4-0x0000000002430000-0x0000000002440000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4272-5-0x0000000002570000-0x00000000025D6000-memory.dmp

        Filesize

        408KB

        Download

      • memory/4272-6-0x0000000002430000-0x0000000002440000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4272-7-0x0000000004C90000-0x0000000005234000-memory.dmp

        Filesize

        5.6MB

        Download

      • memory/4272-8-0x0000000005240000-0x00000000052A2000-memory.dmp

        Filesize

        392KB

        Download

      • memory/4272-9-0x00000000052A0000-0x0000000005332000-memory.dmp

        Filesize

        584KB

        Download

      • memory/4272-10-0x00000000021E0000-0x000000000221B000-memory.dmp

        Filesize

        236KB

        Download

      • memory/4272-11-0x0000000000480000-0x00000000004D0000-memory.dmp

        Filesize

        320KB

        Download

      • memory/4272-12-0x0000000000400000-0x0000000000476000-memory.dmp

        Filesize

        472KB

        Download

      • memory/4272-14-0x0000000000400000-0x0000000000476000-memory.dmp

        Filesize

        472KB

        Download

      • memory/4272-15-0x0000000074480000-0x0000000074C30000-memory.dmp

        Filesize

        7.7MB

        Download