Overview

overview

5

Static

static

3

1e594f7a3f...6c.exe

windows7-x64

5

1e594f7a3f...6c.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-12-2023 22:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1e594f7a3f2593bd0a9722035bc57d6c.exe

  • Size

    60KB

  • MD5

    1e594f7a3f2593bd0a9722035bc57d6c

  • SHA1

    6e19bd899720d27220accbca64e56acf52fbcef0

  • SHA256

    638794165fab839a3a10165495b3f2c611e64a3a0003406d9cada7db937422ea

  • SHA512

    b9195851c75e082ca57ae74d3c21c5368c9b70cd0cb603492bb6fbb13b0b61f1fb470a3cd3cedf669a0227eb93815d2a81f590fdfe3f618a12eddfef5c5e5f66

  • SSDEEP

    1536:CJ2J8P7xlXiiNqPBzngNstU5rHnPCfgkSyXclu:CRP9lXMptO7PCYrTo

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1e594f7a3f2593bd0a9722035bc57d6c.exe
    "C:\Users\Admin\AppData\Local\Temp\1e594f7a3f2593bd0a9722035bc57d6c.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3548
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3548 -s 280
      2⤵
      • Program crash
      PID:1208
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 204 -p 3548 -ip 3548
    1⤵
      PID:3204

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads