Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25-01-2024 17:33
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
751ad929eaccc3e19022d7ae7eddc207.exe
Resource
win7-20231215-en
windows7-x64
2 signatures
150 seconds
General
Target: 751ad929eaccc3e19022d7ae7eddc207.exe
Size: 12KB
MD5: 751ad929eaccc3e19022d7ae7eddc207
SHA1: c578c2e4e11831cd5c1314824c86e6e77f7069db
SHA256: bc4a1ed4a78c851b6c8214e3cacc902b1d4954e7da4262eb85a688b8e5bdc0b8
SHA512: a455aba7a98481c27b87f9f29df74a4ebff5ef67e6c68bd036f9edb5c55f7acd24ddd45807cd0cbac14d0ca4234560e9c27c8b6aef64ff5647b67cbae949f6d1
SSDEEP: 96:cdGI4BGCdXJJBJFsXjug+efRUjgJ6j/Od71yQtQKQYQ:cM0MXJjkjuIRUsa/Od7MQjQYQ
Score: 3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes: WerFault.exe
pid   pid_target  Process       procid_target
2316  2204        WerFault.exe  12
Suspicious use of WriteProcessMemory 4 IoCs
Processes: 751ad929eaccc3e19022d7ae7eddc207.exe
description                       pid   Process                               procid_target
PID 2204 wrote to memory of 2316  2204  751ad929eaccc3e19022d7ae7eddc207.exe  28
PID 2204 wrote to memory of 2316  2204  751ad929eaccc3e19022d7ae7eddc207.exe  28
PID 2204 wrote to memory of 2316  2204  751ad929eaccc3e19022d7ae7eddc207.exe  28
PID 2204 wrote to memory of 2316  2204  751ad929eaccc3e19022d7ae7eddc207.exe  28
Processes
C:\Users\Admin\AppData\Local\Temp\751ad929eaccc3e19022d7ae7eddc207.exe
"C:\Users\Admin\AppData\Local\Temp\751ad929eaccc3e19022d7ae7eddc207.exe"
- Suspicious use of WriteProcessMemory
PID: 2204
    C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2204 -s 88
    - Program crash
    PID: 2316