Resubmissions
22-11-2023 18:31  231122-w6dhgaeg2s  10
22-11-2023 17:47  231122-wc362adh78  10
21-11-2023 05:35  231121-gajbhscf47  10
Analysis
- max time kernel: 3s
- max time network: 18s
- platform: windows7_x64
- resource: win7-20231020-en
- resource tags: arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
- submitted: 22-11-2023 18:31
Behavioral task behavioral1
  Sample: 763b04ef2d0954c7ecf394249665bcd71eeafebc3a66a27b010f558fd59dbdeb.exe
  Resource: win7-20231020-en
Behavioral task behavioral2
  Sample: 763b04ef2d0954c7ecf394249665bcd71eeafebc3a66a27b010f558fd59dbdeb.exe
  Resource: win10-20231023-en
Behavioral task behavioral3
  Sample: 763b04ef2d0954c7ecf394249665bcd71eeafebc3a66a27b010f558fd59dbdeb.exe
  Resource: win10v2004-20231023-en
Behavioral task behavioral4
  Sample: out.exe
  Resource: win7-20231020-en
Behavioral task behavioral5
  Sample: out.exe
  Resource: win10-20231020-en
Behavioral task behavioral6
  Sample: out.exe
  Resource: win10v2004-20231023-en
General
- Target: out.exe
- Size: 66KB
- MD5: 3e5cbdab7207e1a7ecd1bf16dce378f2
- SHA1: 909cc47b83d3f52ff1b442691030425998d00e13
- SHA256: 88e4f0f811954b60a885376a1f40cd3c5c3d9f1b8ffee6cda236b458b28b95ae
- SHA512: e901ab9c82a00282440130c3a8d857a1f4d96dc7e340b4caefc78b684fd1c8c9e93515054c8820a91f43fcb156d9582ecf615dc6e2c0fbea4cf63ab50d426b2f
- SSDEEP: 1536:ANeRBl5PT/rx1mzwRMSTdLpY3G6+OjDSB0c4a+96tHUSc9u:AQRrmzwR5FLOiiVWH9c9
Malware Config
Signatures
- Program crash (1 IoCs)
  Processes: WerFault.exe
  pid   pid_target  process       target process
  2200  1980        WerFault.exe  out.exe
- Suspicious use of WriteProcessMemory (4 IoCs)
  Processes: out.exe
  description                          pid   process  target process
  PID 1980 wrote to memory of 2200     1980  out.exe  WerFault.exe
  PID 1980 wrote to memory of 2200     1980  out.exe  WerFault.exe
  PID 1980 wrote to memory of 2200     1980  out.exe  WerFault.exe
  PID 1980 wrote to memory of 2200     1980  out.exe  WerFault.exe