5d381c2e3837f256d64e53f16eb24ef0e895c79ec6ae8f660714009ebfd6617b

Analysis

max time kernel
141s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2023 01:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

229a9355d47d97efb9306cd40a1564d2.exe
Size

619KB
MD5

229a9355d47d97efb9306cd40a1564d2
SHA1

00cbb191358c79a193c93a3fe6bf910dccbd2e36
SHA256

5d381c2e3837f256d64e53f16eb24ef0e895c79ec6ae8f660714009ebfd6617b
SHA512

027e746870c2a9bdc169b21f4c0783c6d2cd465863f958a38d1d9782f743a5defaec43aab791795c14e94fc67770f617128df1e8ef4c88e59448d7d6c0427e36
SSDEEP

12288:jAx3f0rTsG4FrSwhfMH4FrxokWtg+ufCgORq/JBV1Ls2LMpB8ae:iPMTPWuyfMYFrxJWUfROM/JBV1Ls2wBG

Score

3^/10

Malware Config

Signatures

Program crash 2 IoCs

pid	pid_target	Process	procid_target
2216	4712	WerFault.exe	86
3544	4712	WerFault.exe	86

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4712 wrote to memory of 2216	4712	229a9355d47d97efb9306cd40a1564d2.exe	96
PID 4712 wrote to memory of 2216	4712	229a9355d47d97efb9306cd40a1564d2.exe	96
PID 4712 wrote to memory of 2216	4712	229a9355d47d97efb9306cd40a1564d2.exe	96

C:\Users\Admin\AppData\Local\Temp\229a9355d47d97efb9306cd40a1564d2.exe
"C:\Users\Admin\AppData\Local\Temp\229a9355d47d97efb9306cd40a1564d2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4712
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4712 -s 1908
  2⤵
  - Program crash
  PID:2216
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4712 -s 1908
  2⤵
  - Program crash
  PID:3544

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 4712 -ip 4712
1⤵
PID:3748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4712-6-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-7-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-8-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-11-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-12-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-10-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-9-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-13-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-15-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-14-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-16-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-17-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-19-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-18-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-20-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-21-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-22-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-23-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-24-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-25-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-26-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-27-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-29-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-30-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-31-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-32-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-33-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-34-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-35-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-36-0x0000000002570000-0x0000000002580000-memory.dmp

Filesize
64KB

Download
memory/4712-37-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-41-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-39-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-42-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-43-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-44-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-45-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-47-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-49-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-51-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-46-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-52-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-53-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-55-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-54-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-56-0x0000000002570000-0x0000000002580000-memory.dmp

Filesize
64KB

Download
memory/4712-57-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-58-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-60-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-61-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-62-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-63-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download
memory/4712-64-0x0000000002510000-0x0000000002520000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads