4263bf58ea8718f94dbd6c4b83ec3385efbc4845f3c5bb64ce59c5943ff74e99 | Triage

Analysis

max time kernel
147s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
01/01/2024, 18:04

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

3d849a353f04fb9243638f6327e66969.exe
Size

112KB
MD5

3d849a353f04fb9243638f6327e66969
SHA1

7538eafec097e90a513343caef27019df0deed54
SHA256

4263bf58ea8718f94dbd6c4b83ec3385efbc4845f3c5bb64ce59c5943ff74e99
SHA512

d23a518d476f89a948e4530febd773b6c827fd464f6702ebfae4b8ab7cd9f72c330348665162a9f9b18f420885afa5a178d91de0a8fef957fbc1f5d27e1e2ac6
SSDEEP

3072:98Zc0haH53F/y0nzTd6UjIWVvn+oU7aQu:t0qXzxHhvi7ju

Score

3^/10

Malware Config

Signatures

Program crash 2 IoCs

pid	pid_target	Process	procid_target
3368	4720	WerFault.exe	14
2008	4720	WerFault.exe	14

C:\Users\Admin\AppData\Local\Temp\3d849a353f04fb9243638f6327e66969.exe
"C:\Users\Admin\AppData\Local\Temp\3d849a353f04fb9243638f6327e66969.exe"
1⤵
PID:4720
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4720 -s 504
  2⤵
  - Program crash
  PID:3368
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4720 -s 508
  2⤵
  - Program crash
  PID:2008

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 4720 -ip 4720
1⤵
PID:4728

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 4720 -ip 4720
1⤵
PID:2524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4720-0-0x0000000000400000-0x0000000000429000-memory.dmp

Filesize
164KB

Download
memory/4720-1-0x0000000000400000-0x0000000000429000-memory.dmp

Filesize
164KB

Download