8f7cb4523f66804ab91d3b0f2600ef45d2e95933255fb35cc785aeb2ab179d38 | Triage

Analysis

max time kernel
119s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 18:14

Sharing

Report Analysis Logs

General

Target

33ab7e3484ede7fe97cdfe9046ac538c.exe
Size

40KB
MD5

33ab7e3484ede7fe97cdfe9046ac538c
SHA1

793513be294a03acee57e1da98b98eb0c8a0afbe
SHA256

8f7cb4523f66804ab91d3b0f2600ef45d2e95933255fb35cc785aeb2ab179d38
SHA512

e556e8e37bcdff671915fc86365b9d7559411a6d36a5a0dbc12d775179a177e46133e3cbd18fff683a4d0a00dd5250387ea09f62eec0bb4cdcf467ad411c3ddb
SSDEEP

768:lYDISZ8yNqTxQu+o0ekMGYG7k/Uagq8ONOskXUFNXL0e:gxWh+lekMGBTagq8ORb

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2276	2100	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2100 wrote to memory of 2276	2100	33ab7e3484ede7fe97cdfe9046ac538c.exe	28
PID 2100 wrote to memory of 2276	2100	33ab7e3484ede7fe97cdfe9046ac538c.exe	28
PID 2100 wrote to memory of 2276	2100	33ab7e3484ede7fe97cdfe9046ac538c.exe	28
PID 2100 wrote to memory of 2276	2100	33ab7e3484ede7fe97cdfe9046ac538c.exe	28

C:\Users\Admin\AppData\Local\Temp\33ab7e3484ede7fe97cdfe9046ac538c.exe
"C:\Users\Admin\AppData\Local\Temp\33ab7e3484ede7fe97cdfe9046ac538c.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2100
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2100 -s 36
  2⤵
  - Program crash
  PID:2276

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads