c680e5bf89609a2bc8f50217c7bc859fa7d60bdcb53660475bd49e980e2c1e6f

Analysis

max time kernel
118s
max time network
138s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
14-10-2023 03:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe
Size

930KB
MD5

003a5adb39b4aae944fcee366eeecb08
SHA1

34603c966fd5bb29b671275d215db348a66e8ea6
SHA256

c680e5bf89609a2bc8f50217c7bc859fa7d60bdcb53660475bd49e980e2c1e6f
SHA512

d8ebaed7db5a8f2991e88a3c03c0d03137867369b10b9d07fa5dee377424fa9d85b71d3cee02c63a2c73b6737c7b6f1b48309de33dfa429685f3762ad9f47545
SSDEEP

12288:50//yfYb5BIQZVtRXPWfrcojoQkFAaoDUTlJ/Y/ezShebbLAfIoo/d2kgExJkPy9:GiuBtZeraPKengSVL6oJgFbBmW8XBh

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1080 set thread context of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2716	2232	WerFault.exe	29

Suspicious use of WriteProcessMemory 21 IoCs

description	pid	Process	procid_target
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 1080 wrote to memory of 2232	1080	SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe	29
PID 2232 wrote to memory of 2716	2232	AppLaunch.exe	30
PID 2232 wrote to memory of 2716	2232	AppLaunch.exe	30
PID 2232 wrote to memory of 2716	2232	AppLaunch.exe	30
PID 2232 wrote to memory of 2716	2232	AppLaunch.exe	30
PID 2232 wrote to memory of 2716	2232	AppLaunch.exe	30
PID 2232 wrote to memory of 2716	2232	AppLaunch.exe	30
PID 2232 wrote to memory of 2716	2232	AppLaunch.exe	30

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win32.CrypterX-gen.31728.27686.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:1080
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:2232
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2232 -s 200
    3⤵
    - Program crash
    PID:2716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2232-1-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-3-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-5-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-6-0x00000000FFFDE000-0x00000000FFFDF000-memory.dmp

Filesize
4KB

Download
memory/2232-7-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-4-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-2-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-0-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-9-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download
memory/2232-11-0x0000000000400000-0x00000000004BB000-memory.dmp

Filesize
748KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads