5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486

Analysis

max time kernel
122s
max time network
135s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
22-11-2023 08:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486.exe
Size

183.1MB
MD5

87cafbd6e6eba3b0b9a18501b923dfd7
SHA1

b99e3f5c17d5c5575c0db58d2fde1ef4d8e941e3
SHA256

5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486
SHA512

22b14dfb808a3d5b1b9637d9b613a0ecf20d555cf2a0877ad65374bc1d0c19f037331384d96410c6a7d1b392b221bf1b3f869c07ed5a646e9f3c402e47c18a72
SSDEEP

786432:B5NQ4e6UmdCvF4N3RtI9n1gqBf8ICdZNXDPWsUwZnb5xFTtLwSTRpf4P1wT1CdYQ:HBUmamUyqtOyctOdY31WYzKv

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 2808	2228	5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486.exe	28
PID 2228 wrote to memory of 2808	2228	5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486.exe	28
PID 2228 wrote to memory of 2808	2228	5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486.exe	28

C:\Users\Admin\AppData\Local\Temp\5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486.exe
"C:\Users\Admin\AppData\Local\Temp\5c6aaf44f42abb4f4f96425ffdfb91c9a70b041d7071447521f0a522a1266486.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2228 -s 620
  2⤵
  PID:2808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2228-0-0x0000000180000000-0x0000000180A25000-memory.dmp

Filesize
10.1MB

Download
memory/2228-4-0x000000013F9F0000-0x0000000140340000-memory.dmp

Filesize
9.3MB

Download
memory/2228-3-0x0000000002A80000-0x0000000002B55000-memory.dmp

Filesize
852KB

Download
memory/2228-7-0x0000000000540000-0x0000000000560000-memory.dmp

Filesize
128KB

Download
memory/2228-10-0x00000000002D0000-0x00000000002E3000-memory.dmp

Filesize
76KB

Download
memory/2228-13-0x0000000001D10000-0x0000000001D50000-memory.dmp

Filesize
256KB

Download
memory/2228-16-0x0000000004500000-0x00000000051B1000-memory.dmp

Filesize
12.7MB

Download
memory/2228-19-0x0000000000560000-0x0000000000572000-memory.dmp

Filesize
72KB

Download
memory/2228-22-0x0000000002FC0000-0x0000000003081000-memory.dmp

Filesize
772KB

Download
memory/2228-25-0x00000000002C0000-0x00000000002CD000-memory.dmp

Filesize
52KB

Download
memory/2228-28-0x0000000001CE0000-0x0000000001CF8000-memory.dmp

Filesize
96KB

Download
memory/2228-31-0x0000000000580000-0x0000000000586000-memory.dmp

Filesize
24KB

Download
memory/2228-34-0x0000000001D00000-0x0000000001D09000-memory.dmp

Filesize
36KB

Download
memory/2228-37-0x0000000003B10000-0x0000000003C24000-memory.dmp

Filesize
1.1MB

Download
memory/2228-40-0x0000000003490000-0x0000000003532000-memory.dmp

Filesize
648KB

Download
memory/2228-43-0x0000000002000000-0x0000000002016000-memory.dmp

Filesize
88KB

Download
memory/2228-46-0x000000013F9F0000-0x0000000140340000-memory.dmp

Filesize
9.3MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads