Analysis
-
max time kernel
154s -
max time network
167s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
04-01-2024 15:49
General
-
Target
41459c656df029d96586f193d01a4b0e.exe
-
Size
3.4MB
-
MD5
41459c656df029d96586f193d01a4b0e
-
SHA1
5457ee83d78368acc12bd306c4524c3da934f200
-
SHA256
08ecde2579ce0db26c35175ad6ce07f0f6e859ee583685a576e3a583f185a82f
-
SHA512
9b3dd65292eb4ac70c496ea9a953d85242a942068263daf22c37bd11840768a8656c752935634ba709861f84b539547356c45e6b4f856861e76bb32fa2f2563b
-
SSDEEP
49152:Ss1rGENwNLZigay118YovFbZIKTeWojCTDSLuM3P3mweVqZs2oJIi5cXVbLaaC2:SshNuLZigV118YAhEREVvan
Score
3/10
Malware Config
Signatures
-
Program crash 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\41459c656df029d96586f193d01a4b0e.exe"C:\Users\Admin\AppData\Local\Temp\41459c656df029d96586f193d01a4b0e.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4256 -s 2882⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4256 -s 2882⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 192 -p 4256 -ip 42561⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4.0MB
-
Filesize
4.0MB