88f4f148fd420c5abaf4e5ae92914cc3be611d3aceed103e6a9e175aec6a7e2b | Triage

Analysis

max time kernel
79s
max time network
37s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24/12/2023, 18:38

Sharing

Report Analysis Logs

General

Target

0c74b282ba29c04c1f4c54c92dc6954b.exe
Size

121KB
MD5

0c74b282ba29c04c1f4c54c92dc6954b
SHA1

522bed4fbd8ff3ab4bae9efa2bb3dd4a3d4ed785
SHA256

88f4f148fd420c5abaf4e5ae92914cc3be611d3aceed103e6a9e175aec6a7e2b
SHA512

dca5f81a1dce2021203a5042484ea910fe8c9096947ef33d84e0bd3d269651a2af971df22359e5c06ae6e9c47ca3889bb4b50b5e313686b837c4aee3fd76dbda
SSDEEP

3072:Ny9hznY91+nhbkgistg76ziQNwTuBHE4k4vo:Ny9hnYr+njistmmaT67v

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2020	2612	WerFault.exe	14

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2612 wrote to memory of 2020	2612	0c74b282ba29c04c1f4c54c92dc6954b.exe	29
PID 2612 wrote to memory of 2020	2612	0c74b282ba29c04c1f4c54c92dc6954b.exe	29
PID 2612 wrote to memory of 2020	2612	0c74b282ba29c04c1f4c54c92dc6954b.exe	29
PID 2612 wrote to memory of 2020	2612	0c74b282ba29c04c1f4c54c92dc6954b.exe	29

C:\Users\Admin\AppData\Local\Temp\0c74b282ba29c04c1f4c54c92dc6954b.exe
"C:\Users\Admin\AppData\Local\Temp\0c74b282ba29c04c1f4c54c92dc6954b.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2612
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2612 -s 44
  2⤵
  - Program crash
  PID:2020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads