e0dd242ccbf9b60c4c801534e43478e6acd4d691f3330528326bc3470aaac7bd

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
15-01-2024 03:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

25000.exe
Size

1.3MB
MD5

4386706f14a77b47736e5e487e515861
SHA1

4c7feb1c9f69a9fb4bd2b3cf7041fd7e840bf7a6
SHA256

e0dd242ccbf9b60c4c801534e43478e6acd4d691f3330528326bc3470aaac7bd
SHA512

efb8027cc07237beb926b5dca09d524a0658ff0b4633f866bbe1410af57a5e9383fa54f3b1ec4adc13edfd446630686fbebeb14ebf0099d9357ca9c8ba0937aa
SSDEEP

24576:0pC8mUD6c7FFRIqZerzVhSpgyCGbkW9poKaVXDcq9:h8N7FFOSK+YWpbaRDv

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2580	2560	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2560 wrote to memory of 2580	2560	25000.exe	28
PID 2560 wrote to memory of 2580	2560	25000.exe	28
PID 2560 wrote to memory of 2580	2560	25000.exe	28
PID 2560 wrote to memory of 2580	2560	25000.exe	28

C:\Users\Admin\AppData\Local\Temp\25000.exe
"C:\Users\Admin\AppData\Local\Temp\25000.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2560
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2560 -s 196
  2⤵
  - Program crash
  PID:2580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2560-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2560-1-0x0000000076070000-0x00000000760B7000-memory.dmp

Filesize
284KB

Download
memory/2560-812-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-816-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-822-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-826-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-832-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-838-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-842-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-848-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-862-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-870-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-872-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-868-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-866-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-864-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-860-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-858-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-856-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-854-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-852-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-850-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-846-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-844-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-840-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-836-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-834-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-830-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-828-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-824-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-820-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-818-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-814-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download
memory/2560-811-0x0000000002590000-0x00000000026A1000-memory.dmp

Filesize
1.1MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads