Analysis

  • max time kernel
    140s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    24-01-2024 21:52

General

  • Target

    72f1a0d4e5bae1eb02c2351e3be55b1b.exe

  • Size

    67KB

  • MD5

    72f1a0d4e5bae1eb02c2351e3be55b1b

  • SHA1

    46a53e5baa2fcd355197e4cc5cca8adf51c0ca29

  • SHA256

    5e6a4c3eab332abd97e8c655c4af8d3c41ec67e44cd412881acc0e4a6f8c0da5

  • SHA512

    cdd7a8be84d43a20bada970f69841bd10af8c7afa8dd5ba20034948d67246f881b4bafc48cfaf5b4c1ad25fb27c7d770d4be6e245d7247f8ac3f739fdd7872df

  • SSDEEP

    768:jSdIE6mCfD51bcgBH5T9Zztj7CzrWB7/dgSaijrOv74l3QDSHLne/3ilMYccKZ:Op0mg5Tf9u8Co2MldGYJKZ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\72f1a0d4e5bae1eb02c2351e3be55b1b.exe
    "C:\Users\Admin\AppData\Local\Temp\72f1a0d4e5bae1eb02c2351e3be55b1b.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2224 -s 88
      2⤵
      • Program crash
      PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2224-0-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB