065bd5c3e44e47c4b791715ae5d416a17d7169318727b502ab032282c9ab4f5a | Triage

Analysis

max time kernel
142s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20231025-en
resource tags

arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
submitted
01-11-2023 22:29

Sharing

Report Analysis Logs

General

Target

NEAS.6cf7230cae8683b6bcf2f35b8a461480_JC.exe
Size

14KB
MD5

6cf7230cae8683b6bcf2f35b8a461480
SHA1

8d7a7e99252554220071e9a1e1118ab922a2a7b6
SHA256

065bd5c3e44e47c4b791715ae5d416a17d7169318727b502ab032282c9ab4f5a
SHA512

c851e4f7a1a062e242ca86440ea88ff8eccbad208fb24050731777f33e1a953f67caf140a523725f5a3890e301384f0269b3321e5e65db272ca987ef3bd99754
SSDEEP

384:3YXFlprnaBelQuE66anfr314XnGWDE045HKeee:8F6BuDZ6Wfr31n8A

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4544	1164	WerFault.exe	79

C:\Users\Admin\AppData\Local\Temp\NEAS.6cf7230cae8683b6bcf2f35b8a461480_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.6cf7230cae8683b6bcf2f35b8a461480_JC.exe"
1⤵
PID:1164
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1164 -s 212
  2⤵
  - Program crash
  PID:4544

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 1164 -ip 1164
1⤵
PID:5028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1164-0-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download