4e4b4bd204eeb1706cdafad2ba56096cf2bdc2acc6a40ba84c3f9e9872499383

Analysis

max time kernel
143s
max time network
149s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29/12/2023, 22:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

055a4c82658aa233c9b223a0e44abfb2.exe
Size

584KB
MD5

055a4c82658aa233c9b223a0e44abfb2
SHA1

e662c0491f0c511739a14d6038e0e9b4ab64a4e7
SHA256

4e4b4bd204eeb1706cdafad2ba56096cf2bdc2acc6a40ba84c3f9e9872499383
SHA512

eaec1dbcd8924c6b8be0cdc63e5fe07ee4193020d26b7f63af69d20bfd8d82ca4f9d1903354a616de2f719329682f68c0177aba2b37c825cd0d3a165b89d4109
SSDEEP

12288:IfioJ27f8GH4tNODBnXQRDpxS1c2obY7h1YcE9Zhi7B0prye5:6zGHGODIxAoclehi7uprye5

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2708	1456	WerFault.exe	8

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1456	055a4c82658aa233c9b223a0e44abfb2.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1456 wrote to memory of 2708	1456	055a4c82658aa233c9b223a0e44abfb2.exe	28
PID 1456 wrote to memory of 2708	1456	055a4c82658aa233c9b223a0e44abfb2.exe	28
PID 1456 wrote to memory of 2708	1456	055a4c82658aa233c9b223a0e44abfb2.exe	28
PID 1456 wrote to memory of 2708	1456	055a4c82658aa233c9b223a0e44abfb2.exe	28

C:\Users\Admin\AppData\Local\Temp\055a4c82658aa233c9b223a0e44abfb2.exe
"C:\Users\Admin\AppData\Local\Temp\055a4c82658aa233c9b223a0e44abfb2.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1456
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1456 -s 292
  2⤵
  - Program crash
  PID:2708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1456-0-0x0000000010000000-0x00000000100F9000-memory.dmp

Filesize
996KB

Download
memory/1456-1-0x0000000000380000-0x00000000003D0000-memory.dmp

Filesize
320KB

Download
memory/1456-11-0x00000000029F0000-0x00000000029F1000-memory.dmp

Filesize
4KB

Download
memory/1456-10-0x00000000029E0000-0x00000000029E3000-memory.dmp

Filesize
12KB

Download
memory/1456-18-0x0000000002350000-0x0000000002351000-memory.dmp

Filesize
4KB

Download
memory/1456-44-0x0000000002C90000-0x0000000002C91000-memory.dmp

Filesize
4KB

Download
memory/1456-55-0x0000000002D20000-0x0000000002D21000-memory.dmp

Filesize
4KB

Download
memory/1456-54-0x0000000002D30000-0x0000000002D31000-memory.dmp

Filesize
4KB

Download
memory/1456-53-0x0000000002D40000-0x0000000002D41000-memory.dmp

Filesize
4KB

Download
memory/1456-52-0x0000000002D50000-0x0000000002D51000-memory.dmp

Filesize
4KB

Download
memory/1456-51-0x0000000002D10000-0x0000000002D11000-memory.dmp

Filesize
4KB

Download
memory/1456-50-0x0000000002CF0000-0x0000000002CF1000-memory.dmp

Filesize
4KB

Download
memory/1456-49-0x0000000002D00000-0x0000000002D01000-memory.dmp

Filesize
4KB

Download
memory/1456-48-0x0000000002CD0000-0x0000000002CD1000-memory.dmp

Filesize
4KB

Download
memory/1456-47-0x0000000002CE0000-0x0000000002CE1000-memory.dmp

Filesize
4KB

Download
memory/1456-46-0x0000000002CB0000-0x0000000002CB1000-memory.dmp

Filesize
4KB

Download
memory/1456-45-0x0000000002CC0000-0x0000000002CC1000-memory.dmp

Filesize
4KB

Download
memory/1456-43-0x0000000002CA0000-0x0000000002CA1000-memory.dmp

Filesize
4KB

Download
memory/1456-42-0x0000000002C70000-0x0000000002C71000-memory.dmp

Filesize
4KB

Download
memory/1456-41-0x0000000002C80000-0x0000000002C81000-memory.dmp

Filesize
4KB

Download
memory/1456-40-0x0000000002C50000-0x0000000002C51000-memory.dmp

Filesize
4KB

Download
memory/1456-39-0x0000000002C60000-0x0000000002C61000-memory.dmp

Filesize
4KB

Download
memory/1456-38-0x0000000002B30000-0x0000000002B31000-memory.dmp

Filesize
4KB

Download
memory/1456-37-0x0000000002B40000-0x0000000002B41000-memory.dmp

Filesize
4KB

Download
memory/1456-36-0x0000000002B10000-0x0000000002B11000-memory.dmp

Filesize
4KB

Download
memory/1456-35-0x0000000002B20000-0x0000000002B21000-memory.dmp

Filesize
4KB

Download
memory/1456-34-0x0000000002AF0000-0x0000000002AF1000-memory.dmp

Filesize
4KB

Download
memory/1456-33-0x0000000002B00000-0x0000000002B01000-memory.dmp

Filesize
4KB

Download
memory/1456-32-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download
memory/1456-31-0x0000000002AE0000-0x0000000002AE1000-memory.dmp

Filesize
4KB

Download
memory/1456-30-0x0000000002AB0000-0x0000000002AB1000-memory.dmp

Filesize
4KB

Download
memory/1456-29-0x0000000002AC0000-0x0000000002AC1000-memory.dmp

Filesize
4KB

Download
memory/1456-28-0x0000000002A90000-0x0000000002A91000-memory.dmp

Filesize
4KB

Download
memory/1456-27-0x0000000002AA0000-0x0000000002AA1000-memory.dmp

Filesize
4KB

Download
memory/1456-26-0x0000000002A70000-0x0000000002A71000-memory.dmp

Filesize
4KB

Download
memory/1456-25-0x0000000002A80000-0x0000000002A81000-memory.dmp

Filesize
4KB

Download
memory/1456-24-0x0000000002A50000-0x0000000002A51000-memory.dmp

Filesize
4KB

Download
memory/1456-23-0x0000000002A60000-0x0000000002A61000-memory.dmp

Filesize
4KB

Download
memory/1456-22-0x0000000002A40000-0x0000000002A41000-memory.dmp

Filesize
4KB

Download
memory/1456-21-0x0000000002400000-0x0000000002401000-memory.dmp

Filesize
4KB

Download
memory/1456-20-0x0000000002850000-0x0000000002851000-memory.dmp

Filesize
4KB

Download
memory/1456-19-0x00000000022A0000-0x00000000022A1000-memory.dmp

Filesize
4KB

Download
memory/1456-17-0x0000000000700000-0x0000000000701000-memory.dmp

Filesize
4KB

Download
memory/1456-16-0x0000000002A00000-0x0000000002A01000-memory.dmp

Filesize
4KB

Download
memory/1456-15-0x0000000000250000-0x0000000000251000-memory.dmp

Filesize
4KB

Download
memory/1456-14-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/1456-13-0x0000000000610000-0x0000000000611000-memory.dmp

Filesize
4KB

Download
memory/1456-12-0x0000000002A30000-0x0000000002A31000-memory.dmp

Filesize
4KB

Download
memory/1456-9-0x0000000000680000-0x0000000000681000-memory.dmp

Filesize
4KB

Download
memory/1456-8-0x00000000006C0000-0x00000000006C1000-memory.dmp

Filesize
4KB

Download
memory/1456-7-0x00000000006F0000-0x00000000006F1000-memory.dmp

Filesize
4KB

Download
memory/1456-6-0x00000000006B0000-0x00000000006B1000-memory.dmp

Filesize
4KB

Download
memory/1456-5-0x00000000006A0000-0x00000000006A1000-memory.dmp

Filesize
4KB

Download
memory/1456-4-0x0000000000620000-0x0000000000621000-memory.dmp

Filesize
4KB

Download
memory/1456-3-0x0000000000630000-0x0000000000631000-memory.dmp

Filesize
4KB

Download
memory/1456-2-0x00000000006E0000-0x00000000006E1000-memory.dmp

Filesize
4KB

Download
memory/1456-56-0x0000000010000000-0x00000000100F9000-memory.dmp

Filesize
996KB

Download
memory/1456-57-0x0000000000380000-0x00000000003D0000-memory.dmp

Filesize
320KB

Download