Overview

overview

3

Static

static

3

722de77bf9...6a.exe

windows7-x64

3

722de77bf9...6a.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/01/2024, 11:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    722de77bf9c870e3a7b5c2f78a83b26a.exe

  • Size

    487KB

  • MD5

    722de77bf9c870e3a7b5c2f78a83b26a

  • SHA1

    3c9b039ec8339721c731ef6c5b6847cfbe2e9dac

  • SHA256

    7d68a1c516c5fb4e6b1075bc9e80d2b42dd58c72d4eebcec3aa08e40bcc35073

  • SHA512

    0f07fc8adf141e6066c2073c1db94b7484dc1cd7e40eaf63b881f7fbfc6435bea8cc256020b18619334b4dbd64a86221984ab1b2a67e403d417730f1e84c05bd

  • SSDEEP

    6144:khEhTcRiBeEeN3BoLqB/82UGAzxiTX5i5F7wi5rBirguK46RS79Tzx1xK04F8k+2:PTwEeNxwC9u6JiL1Bi2RSZtK0Lk+Uj

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2152 -s 36
    1⤵
    • Program crash
    PID:2188
  • C:\Users\Admin\AppData\Local\Temp\722de77bf9c870e3a7b5c2f78a83b26a.exe
    "C:\Users\Admin\AppData\Local\Temp\722de77bf9c870e3a7b5c2f78a83b26a.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2152

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2152-0-0x0000000000400000-0x0000000000478000-memory.dmp

          Filesize

          480KB

          Download