Analysis

  • max time kernel
    162s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    07/01/2024, 19:35

General

  • Target

    a79c347cc0f264cc37d2c203a804ac58.exe

  • Size

    194KB

  • MD5

    a79c347cc0f264cc37d2c203a804ac58

  • SHA1

    0b2d6b3d3010cc005848deac046416d3dbdc48a9

  • SHA256

    ca83832bf8e83ac9a97a01e589435b4666efa33d5f2f7f54b89dd58363e4a264

  • SHA512

    8aabaa15dc7b5774c8f0127c4f32a10f3bcd6d48516391206e75e0f60ad99a004cb7b3f2f133c6cc74f659a227b5c71ea15f204bffbe496ce45c582c9395383a

  • SSDEEP

    3072:/OlHHBuNrVw61gCi+O5MUINLEXyI1x7TzM2exumeYJnssSTMiJN:/OlHhAVw6TLO5wFcyIvexumfZIMo

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a79c347cc0f264cc37d2c203a804ac58.exe
    "C:\Users\Admin\AppData\Local\Temp\a79c347cc0f264cc37d2c203a804ac58.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2884
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2884 -s 128
      2⤵
      • Program crash
      PID:2896

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/2884-0-0x00000000001C0000-0x00000000001C2000-memory.dmp

          Filesize

          8KB

        • memory/2884-1-0x0000000000400000-0x000000000041D000-memory.dmp

          Filesize

          116KB

        • memory/2884-3-0x00000000001D0000-0x00000000001E0000-memory.dmp

          Filesize

          64KB

        • memory/2884-4-0x0000000000400000-0x000000000041D000-memory.dmp

          Filesize

          116KB