Overview

overview

3

Static

static

3

06b1c5b88a...61.exe

windows7-x64

1

06b1c5b88a...61.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/11/2023, 19:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    06b1c5b88aeefb7fc301c5c034918d48c567c9028feecf1d2fa8e42a9115f461.exe

  • Size

    4.6MB

  • MD5

    44f7583a2d4cebea6f4790ea8be4da58

  • SHA1

    46d973b9ed1e9acd894a7bd69d57abe5785f647c

  • SHA256

    06b1c5b88aeefb7fc301c5c034918d48c567c9028feecf1d2fa8e42a9115f461

  • SHA512

    4481eeac2cbf22d564978d02f46cff21ac232805ce928f18960d7c07b9aa3a9ae4093ec588b818752615a86d35db85e87917849ceae46b0930748b13b88f7eaa

  • SSDEEP

    98304:Co1irDPV5yndfTT8zSdMUz5N6wuj6wXeD+hwjpAeQG:ePVIndLTHFpmZEQG

Score
3/10

Malware Config

Signatures

  • Program crash 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06b1c5b88aeefb7fc301c5c034918d48c567c9028feecf1d2fa8e42a9115f461.exe
    "C:\Users\Admin\AppData\Local\Temp\06b1c5b88aeefb7fc301c5c034918d48c567c9028feecf1d2fa8e42a9115f461.exe"
    1⤵
      PID:4968
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4968 -s 892
        2⤵
        • Program crash
        PID:1088
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4968 -s 928
        2⤵
        • Program crash
        PID:3312
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4968 -s 1040
        2⤵
        • Program crash
        PID:4956
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4968 -s 148
        2⤵
        • Program crash
        PID:3252
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4968 -ip 4968
      1⤵
        PID:4512
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 4968 -ip 4968
        1⤵
          PID:632
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4968 -ip 4968
          1⤵
            PID:4328
          • C:\Windows\SysWOW64\WerFault.exe
            C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 4968 -ip 4968
            1⤵
              PID:1568

            Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads

                  • memory/4968-0-0x0000000000400000-0x0000000000CA0000-memory.dmp

                    Filesize

                    8.6MB

                    Download

                  • memory/4968-1-0x0000000000400000-0x0000000000CA0000-memory.dmp

                    Filesize

                    8.6MB

                    Download

                  • memory/4968-2-0x0000000000400000-0x0000000000CA0000-memory.dmp

                    Filesize

                    8.6MB

                    Download

                  • memory/4968-3-0x0000000003840000-0x0000000003841000-memory.dmp

                    Filesize

                    4KB

                    Download

                  • memory/4968-5-0x0000000000400000-0x0000000000CA0000-memory.dmp

                    Filesize

                    8.6MB

                    Download