b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776

Analysis

max time kernel
122s
max time network
133s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
27-11-2023 01:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776.exe
Size

140.7MB
MD5

5995ca05e6e1c97bfa8cdea3420164ba
SHA1

bb013638d660b86f514a70de2284ef8abb3ea981
SHA256

b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776
SHA512

69c9185e37726de9a91596e2cc435f11316ea62cbddce660afd75fb6767f9c642b1994836e85816ca00ed464578043f40b7140f262a49c50f56586f414366923
SSDEEP

786432:Ihp84LpgapMr7WN3KPqiVtAnnFWZEjdmXNDGY6zZyBdTtLwSTRpf4P1wT1M9t0v:Ihm4LpgF3TVGnBJm9pkcEtM

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2208 wrote to memory of 2588	2208	b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776.exe	28
PID 2208 wrote to memory of 2588	2208	b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776.exe	28
PID 2208 wrote to memory of 2588	2208	b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776.exe	28

C:\Users\Admin\AppData\Local\Temp\b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776.exe
"C:\Users\Admin\AppData\Local\Temp\b791d7ecbbc641eaf6abb668bb46771805b37b4e7a4f6d80ad6b044eaf7cc776.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2208
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2208 -s 668
  2⤵
  PID:2588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2208-0-0x0000000180000000-0x0000000180A25000-memory.dmp

Filesize
10.1MB

Download
memory/2208-4-0x000000013F1D0000-0x000000013FAFB000-memory.dmp

Filesize
9.2MB

Download
memory/2208-3-0x0000000023EA0000-0x0000000024E28000-memory.dmp

Filesize
15.5MB

Download
memory/2208-7-0x0000000022E10000-0x0000000023038000-memory.dmp

Filesize
2.2MB

Download
memory/2208-10-0x0000000023040000-0x000000002319E000-memory.dmp

Filesize
1.4MB

Download
memory/2208-13-0x0000000002090000-0x00000000020D4000-memory.dmp

Filesize
272KB

Download
memory/2208-16-0x0000000022A20000-0x0000000022A5E000-memory.dmp

Filesize
248KB

Download
memory/2208-19-0x0000000024E30000-0x0000000025672000-memory.dmp

Filesize
8.3MB

Download
memory/2208-22-0x0000000022C70000-0x0000000022CF0000-memory.dmp

Filesize
512KB

Download
memory/2208-31-0x0000000001EE0000-0x0000000001EF3000-memory.dmp

Filesize
76KB

Download
memory/2208-28-0x0000000000310000-0x0000000000315000-memory.dmp

Filesize
20KB

Download
memory/2208-34-0x00000000020E0000-0x00000000020E7000-memory.dmp

Filesize
28KB

Download
memory/2208-25-0x0000000000300000-0x000000000030D000-memory.dmp

Filesize
52KB

Download
memory/2208-37-0x00000000020F0000-0x0000000002109000-memory.dmp

Filesize
100KB

Download
memory/2208-40-0x0000000022C10000-0x0000000022C26000-memory.dmp

Filesize
88KB

Download
memory/2208-46-0x0000000022CF0000-0x0000000022D08000-memory.dmp

Filesize
96KB

Download
memory/2208-43-0x0000000022C30000-0x0000000022C70000-memory.dmp

Filesize
256KB

Download
memory/2208-49-0x0000000022D10000-0x0000000022D22000-memory.dmp

Filesize
72KB

Download
memory/2208-52-0x0000000022BF0000-0x0000000022BF9000-memory.dmp

Filesize
36KB

Download
memory/2208-55-0x0000000023580000-0x0000000023694000-memory.dmp

Filesize
1.1MB

Download
memory/2208-58-0x00000000236A0000-0x0000000023742000-memory.dmp

Filesize
648KB

Download
memory/2208-61-0x000000013F1D0000-0x000000013FAFB000-memory.dmp

Filesize
9.2MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads