4535b725fc456a4e0eff35dfff80f6161f3407299d61d05768d90b3b5759f790 | Triage

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31/12/2023, 07:11

Sharing

Report Analysis Logs

General

Target

2ce49505391e864ae04d900d22590396.exe
Size

27KB
MD5

2ce49505391e864ae04d900d22590396
SHA1

fc9ab860ce4d8d2bab3adc5c15cfd700e0f96668
SHA256

4535b725fc456a4e0eff35dfff80f6161f3407299d61d05768d90b3b5759f790
SHA512

5bcc15038b738540c214e76573ac746766641dda058bd757130d3bce02577d256e5adfc46bd12b92711762041840c4ff46a96501b25f381d959eaa766488a0ac
SSDEEP

768:o6K8BBdfs1jlOf8c9sDL41wD0/AlSZLgddFenc:ogB01J1HEGJAZcddFZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4188-0-0x0000000000400000-0x000000000040E000-memory.dmp	upx
behavioral2/memory/4188-1-0x0000000000400000-0x000000000040E000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4896	4188	WerFault.exe	49

C:\Users\Admin\AppData\Local\Temp\2ce49505391e864ae04d900d22590396.exe
"C:\Users\Admin\AppData\Local\Temp\2ce49505391e864ae04d900d22590396.exe"
1⤵
PID:4188
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4188 -s 248
  2⤵
  - Program crash
  PID:4896

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4188 -ip 4188
1⤵
PID:3744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4188-0-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/4188-1-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download