Analysis
-
max time kernel
137s -
max time network
124s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
19/01/2024, 13:48
General
-
Target
67c6b42042053c3612e928cc593e85a8.exe
-
Size
230KB
-
MD5
67c6b42042053c3612e928cc593e85a8
-
SHA1
376def01c75feef9ec278980d6bea94661d05f6c
-
SHA256
4a6b31994025e7a6dcfeab2954dd3ae8aba701d227ac5b9684ca97e1031256c5
-
SHA512
96b9d82b6723eb4b5e6db247f2403d268ecd709fa70f9b3ee92e6ad8e102a5694ea84cc60e3d99daf3968f7fffa1384a7fa3fcec657ea9e8706c39048684b13e
-
SSDEEP
6144:/SpPWOoH3PhpTCjBUN65+VLRMQg2d9VPdyGY4qkMp:YPWFZpTCjuN0YL6Q7V1bqb
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious behavior: MapViewOfSection 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\67c6b42042053c3612e928cc593e85a8.exe"C:\Users\Admin\AppData\Local\Temp\67c6b42042053c3612e928cc593e85a8.exe"1⤵
- Suspicious behavior: MapViewOfSection
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\67c6b42042053c3612e928cc593e85a8.exe"C:\Users\Admin\AppData\Local\Temp\67c6b42042053c3612e928cc593e85a8.exe"2⤵
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4048 -s 4762⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4048 -ip 40481⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1024KB
-
Filesize
8KB