31a5173a0c598156190dea577b35a3e049ef751dcb18741c665d956014e61d18 | Triage

Analysis

max time kernel
139s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
08/01/2024, 20:06

Sharing

Report Analysis Logs

General

Target

b4134704a0d979b5cbe3741df7263489.exe
Size

1.9MB
MD5

b4134704a0d979b5cbe3741df7263489
SHA1

2d3ace1c9a6f0cdf36b95ce1c16548078d748e99
SHA256

31a5173a0c598156190dea577b35a3e049ef751dcb18741c665d956014e61d18
SHA512

b3ee5c43e614f96b53ae275824fe64940be11fd9617c5bdd7f515c3345b840e8a8d5abe2b3fa7d64c6bdcd632fef86665d7a957355bd89e2dcfef1a9130ea3d6
SSDEEP

24576:BG2ae80SKaSaa222aue0ae8e0eaaaaaaaaam22aaag:B4ve1ef

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3292	5040	WerFault.exe	12

C:\Users\Admin\AppData\Local\Temp\b4134704a0d979b5cbe3741df7263489.exe
"C:\Users\Admin\AppData\Local\Temp\b4134704a0d979b5cbe3741df7263489.exe"
1⤵
PID:5040
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5040 -s 256
  2⤵
  - Program crash
  PID:3292

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 5040 -ip 5040
1⤵
PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5040-0-0x0000000000400000-0x0000000000408D64-memory.dmp

Filesize
35KB

Download
memory/5040-2-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download
memory/5040-1-0x0000000000520000-0x0000000000531000-memory.dmp

Filesize
68KB

Download
memory/5040-4-0x0000000000400000-0x0000000000408D64-memory.dmp

Filesize
35KB

Download