Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 18:36

General

  • Target

    00a7fb26f752a8cd6748f7d56d6d0452.exe

  • Size

    28KB

  • MD5

    00a7fb26f752a8cd6748f7d56d6d0452

  • SHA1

    32cbb0feefcc9eeea413f110aae6fd2b051533ec

  • SHA256

    fc7e5f1c05c1fb43af8f29016de197e0c0e95775d624fbdd3762a17c2194ae89

  • SHA512

    9c2626f2c9490760c45d393b78c33a3fd9dad53cca2c2262bcc87fc2ff286588ea8483a83e17166ac8873ad9642c46e10ef0f92e2906287733ce0ebf1a1aba5d

  • SSDEEP

    192:yJvPTCh13Ata1Utwi1oyn25okipR8EWx5VRtTwZxf1I/Tzoz0ZY6yNFZ+w7:APTNam6i1DtA5b9ie/Tzoc+37

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\00a7fb26f752a8cd6748f7d56d6d0452.exe
    "C:\Users\Admin\AppData\Local\Temp\00a7fb26f752a8cd6748f7d56d6d0452.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2464
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2464 -s 148
      2⤵
      • Program crash
      PID:3056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2464-0-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

  • memory/2464-1-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB