ecc09adc90681a8b98386c0d3433572ce768841ac2a10b2ed49ddc38de18b368 | Triage

Analysis

max time kernel
139s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
01/11/2023, 13:55

Sharing

Report Analysis Logs

General

Target

NEAS.279d6f058418eaba533306e892ce21e0.exe
Size

272KB
MD5

279d6f058418eaba533306e892ce21e0
SHA1

adfa58734ac970cf6817b5f62cb4095eb14ab199
SHA256

ecc09adc90681a8b98386c0d3433572ce768841ac2a10b2ed49ddc38de18b368
SHA512

0479b8d483068e5b017f57c60bcd68792d7bad0ee8ac83b9dc222a42eae7f4d7151a142bad64dd2998c02dce583811ac12b92893775cc1c7c167a0b119261523
SSDEEP

3072:aFKO/+AN30XttofAEYw8asCHNhMXi6Y0HYSx:aFa20gIEY2xUS6U

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
516	5012	WerFault.exe	83

C:\Users\Admin\AppData\Local\Temp\NEAS.279d6f058418eaba533306e892ce21e0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.279d6f058418eaba533306e892ce21e0.exe"
1⤵
PID:5012
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5012 -s 232
  2⤵
  - Program crash
  PID:516

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 5012 -ip 5012
1⤵
PID:4024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5012-0-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download