67cfd80f670a8444cb33472804d6f63e8947ccc09b13a509c18877c5786c38c0 | Triage

Analysis

max time kernel
130s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
15/11/2023, 02:24

Sharing

Report Analysis Logs

General

Target

NEAS.7676331c3a7d737b18fc73b5fc4d1e00.exe
Size

640KB
MD5

7676331c3a7d737b18fc73b5fc4d1e00
SHA1

92ce0eeace9d95631c0151710ae32dc53a91291f
SHA256

67cfd80f670a8444cb33472804d6f63e8947ccc09b13a509c18877c5786c38c0
SHA512

ea830f4fa32e65df94a605105d1f9c3eeca548fffde3a0e09db00ad80cdc29676097b4dd6cf269a3c6ad13013da306a25c91282fdda9cbb616d0d150624334c0
SSDEEP

6144:hU0NrUY3EWtIelZgmLKS3yVYoZcOLBDlBRcpa:hUqd3EOHlumDICOR/R

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3812	1260	WerFault.exe	71

C:\Users\Admin\AppData\Local\Temp\NEAS.7676331c3a7d737b18fc73b5fc4d1e00.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.7676331c3a7d737b18fc73b5fc4d1e00.exe"
1⤵
PID:1260
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1260 -s 228
  2⤵
  - Program crash
  PID:3812

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1260 -ip 1260
1⤵
PID:2408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1260-0-0x0000000000F40000-0x0000000000FE0000-memory.dmp

Filesize
640KB

Download