Overview

overview

3

Static

static

3

0fac987ab1...17.exe

windows7-x64

3

0fac987ab1...17.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/12/2023, 20:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0fac987ab116d24e193773a426594e17.exe

  • Size

    25KB

  • MD5

    0fac987ab116d24e193773a426594e17

  • SHA1

    a7aeeba862275391233b5d7d006c2e410a215dcf

  • SHA256

    f8977b57fd24b84e196db5add1326bd671e1431d8efc6ea30e12d4525bf7c76f

  • SHA512

    6e7e116b565c01e8a1b4cf45a007a89f0dacacfdcda6b257a12f77bae104d35c41fdd0c80888e5d3096117c511fe59345f397a6b0dc6a237fd781a05e229c89e

  • SSDEEP

    384:fpd6fBznoEXfLMZmSBeQzcF0x01SS1gfiULkf4jXPlta3XEC/nx1xglqRWI:qzn7XWmS0QTn+4iY7XPLy

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0fac987ab116d24e193773a426594e17.exe
    "C:\Users\Admin\AppData\Local\Temp\0fac987ab116d24e193773a426594e17.exe"
    1⤵
      PID:1864
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1864 -s 1076
        2⤵
        • Program crash
        PID:3060
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1864 -ip 1864
      1⤵
        PID:4516

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1864-0-0x0000000075000000-0x00000000757B0000-memory.dmp

        Filesize

        7.7MB

        Download

      • memory/1864-1-0x0000000000340000-0x000000000034E000-memory.dmp

        Filesize

        56KB

        Download

      • memory/1864-2-0x0000000004D90000-0x0000000004E2C000-memory.dmp

        Filesize

        624KB

        Download

      • memory/1864-3-0x00000000053E0000-0x0000000005984000-memory.dmp

        Filesize

        5.6MB

        Download

      • memory/1864-4-0x0000000004E30000-0x0000000004EC2000-memory.dmp

        Filesize

        584KB

        Download

      • memory/1864-5-0x0000000004FF0000-0x0000000005000000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1864-7-0x0000000005060000-0x00000000050B6000-memory.dmp

        Filesize

        344KB

        Download

      • memory/1864-6-0x0000000004D30000-0x0000000004D3A000-memory.dmp

        Filesize

        40KB

        Download

      • memory/1864-8-0x0000000075000000-0x00000000757B0000-memory.dmp

        Filesize

        7.7MB

        Download