Overview

overview

3

Static

static

1

99186d7f6d...4b.exe

windows7-x64

1

99186d7f6d...4b.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    113s
  • max time network
    171s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-11-2023 20:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    99186d7f6d7d2c525c19a5bccdd648d19fe18ac18acfc70616f20ec3e548554b.exe

  • Size

    983KB

  • MD5

    3232dd456a65a442ec4ac99e913a274b

  • SHA1

    6213d69417cd10e429cee89054c90ef203ae4059

  • SHA256

    99186d7f6d7d2c525c19a5bccdd648d19fe18ac18acfc70616f20ec3e548554b

  • SHA512

    4025947c3765e84684a690464eb7c48c1d5bbe8a3b13a004127905b4a33fa3cbf1b957a1666be64945218556695fcab3a0665262d60885af4d68f964ace7213e

  • SSDEEP

    24576:YgqkTj6EyRdrznilCdymfeKdkMBFKZFvp/z9Ht:YgHj6dd6Cdymd0lt

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\99186d7f6d7d2c525c19a5bccdd648d19fe18ac18acfc70616f20ec3e548554b.exe
    "C:\Users\Admin\AppData\Local\Temp\99186d7f6d7d2c525c19a5bccdd648d19fe18ac18acfc70616f20ec3e548554b.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2892
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2892 -s 816
      2⤵
      • Program crash
      PID:4084
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 2892 -ip 2892
    1⤵
      PID:1904

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads