1accce32182c22e009d0cafd017f8e8481fa6c365f51949bb14616de7c274e04 | Triage

Analysis

max time kernel
134s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
01/11/2023, 14:16

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

NEAS.ac00b2d866054c0fa35bbd4fbeb91590.exe
Size

252KB
MD5

ac00b2d866054c0fa35bbd4fbeb91590
SHA1

1304d1c9c2409d7b4c243aa84106001f4cdf5043
SHA256

1accce32182c22e009d0cafd017f8e8481fa6c365f51949bb14616de7c274e04
SHA512

e44919f403b90119203e68244ef7488d384f1ff6e724aaa650f8e3cb3902cab964e3af809f77f4815bcd0178ae3f27db472cc3ab08093bd23a33efdd3510fae7
SSDEEP

3072:C7xsBcGem+IYESTlMEeO2qOQpq3HNr5G:CVsB6rTqfXqO+uN

Score

3^/10

Malware Config

Signatures

Program crash 2 IoCs

pid	pid_target	Process	procid_target
1180	3624	WerFault.exe	85
4264	3624	WerFault.exe	85

C:\Users\Admin\AppData\Local\Temp\NEAS.ac00b2d866054c0fa35bbd4fbeb91590.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.ac00b2d866054c0fa35bbd4fbeb91590.exe"
1⤵
PID:3624
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3624 -s 220
  2⤵
  - Program crash
  PID:1180
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3624 -s 224
  2⤵
  - Program crash
  PID:4264

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3624 -ip 3624
1⤵
PID:1784

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 3624 -ip 3624
1⤵
PID:3972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3624-0-0x0000000000400000-0x000000000043F000-memory.dmp

Filesize
252KB

Download