Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    30-12-2023 07:14

General

  • Target

    11dec1799908567f1b8d04e9d3a61a96.exe

  • Size

    115KB

  • MD5

    11dec1799908567f1b8d04e9d3a61a96

  • SHA1

    0271077f37a28a14fd458f73cf4cb0417ee7f6f3

  • SHA256

    5410954a1b84fb8e137ea258210bf38fb5029bce91fe8bd9266ad0a7b1445a1b

  • SHA512

    ec30b74035f77954dfd1920c3e7ba97b558034b36064b8e513b5653a8ad3c3d4bb8e8419e8503560e99fbb0d04e18907f93720a60242d92ee704aba987a1d2fb

  • SSDEEP

    3072:rvkGO9TMGNG0WycxnvdwOxQZbGL6msFhx2DmeA2:TkGmMGky+iO+GCh0Dbz

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\11dec1799908567f1b8d04e9d3a61a96.exe
    "C:\Users\Admin\AppData\Local\Temp\11dec1799908567f1b8d04e9d3a61a96.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1660
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1660 -s 116
      2⤵
      • Program crash
      PID:1960

Network

MITRE ATT&CK Matrix
