Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system -
submitted
25-01-2024 17:36
Behavioral task
behavioral1
Sample
751c4224e4b8e7be4fdf68a690337275.exe
Resource
win7-20231215-en
windows7-x64
1 signatures
150 seconds
General
-
Target
751c4224e4b8e7be4fdf68a690337275.exe
-
Size
128KB
-
MD5
751c4224e4b8e7be4fdf68a690337275
-
SHA1
36bf5372c3f898074b4977990e4630ef846cea6a
-
SHA256
6065d78d62709f0fcfd25154d101bdb341873f9030a2f7fbeeaa8933d714ea91
-
SHA512
0750aff2c1acb4300eee0ed3c5a4bee786b502a2823c6c9ae6908dfed41899a1f01df80b1018b0db958615a8d213d4405ed4a3d2906f2a212760a2f4f495f57a
-
SSDEEP
3072:EP/HlUgy0HVuzv+k2c9YDk/jnmm3rDOj3AM0FQcgt1n:2ylSvQnfOjQM0FLY
Malware Config
Signatures
-
Processes:
resource yara_rule behavioral2/memory/2272-0-0x0000000001000000-0x000000000104A000-memory.dmp upx behavioral2/memory/2272-1-0x0000000001000000-0x000000000104A000-memory.dmp upx -
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target Process procid_target 220 2272 WerFault.exe 85
Processes
-
C:\Users\Admin\AppData\Local\Temp\751c4224e4b8e7be4fdf68a690337275.exe"C:\Users\Admin\AppData\Local\Temp\751c4224e4b8e7be4fdf68a690337275.exe"1⤵PID:2272
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2272 -s 2922⤵
- Program crash
PID:220
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 2272 -ip 22721⤵PID:1996