Overview

overview

10

Static

static

1

sample.exe

windows7-x64

1

sample.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    09-12-2023 15:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sample.exe

  • Size

    303.9MB

  • MD5

    0bafac2df7e1f6484ef8275139c2db58

  • SHA1

    6c8b8ed483cf0cb10235edb5ff466fb879894cb8

  • SHA256

    a75819503eadb1816eee8884801d11ea7e8d1257ead704bca2aea42afe5edada

  • SHA512

    3ff129228af2111767fa10c7ba333fa285fd9f3bf4ccf66e30dc19ea68cd9a70e2096c21d97787258b820b53295abb2702510f775cb15c4a2cbd09bd72c3ed7f

  • SSDEEP

    49152:6Q1H7b5ZMWbZTZ2i5Of1BXpSKEmW4Z5PgIjjvs:6+

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\sample.exe
    "C:\Users\Admin\AppData\Local\Temp\sample.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2040 -s 516
      2⤵
        PID:2368

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2040-0-0x000007FEF56E0000-0x000007FEF60CC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2040-1-0x000000013F270000-0x0000000140270000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/2040-2-0x000007FEF56E0000-0x000007FEF60CC000-memory.dmp

      Filesize

      9.9MB

      Download