Overview

overview

3

Static

static

3

088227ce89...0d.exe

windows7-x64

3

088227ce89...0d.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 05:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    088227ce89c01278e6322bd23c39220d.exe

  • Size

    36KB

  • MD5

    088227ce89c01278e6322bd23c39220d

  • SHA1

    3d0842626c5720288078225ada67f00d35f0b0de

  • SHA256

    733dad4cda3b330d46be5fefc48b067531af42baf929d9755ad6a2080bf929f7

  • SHA512

    4149b2ff4cb7f3a30a0acc598642e55505e1f94db82930fb90a934467e2c0d440c65b25e52d370b32687164b0229e88ec779e4ce7507f53c2b16c4c79e5f6dfb

  • SSDEEP

    384:/M4t888OBhll6c5+vYF4hg26i0cywrJC6QqWTgh24Y02Zyup54UxPLxaDTzeEeh8:dhllbrFGL0cUf1yuEeRYC2yg/cfHM

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1740 -s 156
    1⤵
    • Program crash
    PID:2312
  • C:\Users\Admin\AppData\Local\Temp\088227ce89c01278e6322bd23c39220d.exe
    "C:\Users\Admin\AppData\Local\Temp\088227ce89c01278e6322bd23c39220d.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1740

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads