Overview

overview

3

Static

static

3

85e7587a20...f1.exe

windows7-x64

1

85e7587a20...f1.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/02/2024, 04:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85e7587a2013104dae85c32865728f1176a555502c4c594faf7ebf68ae2773f1.exe

  • Size

    205KB

  • MD5

    fb762c252cc13bdd00a44b32fe5fcac6

  • SHA1

    9b686034a4987f57379547a18a1b304d4b7d9395

  • SHA256

    85e7587a2013104dae85c32865728f1176a555502c4c594faf7ebf68ae2773f1

  • SHA512

    d5f1ddcd17de60729744a8fe40124e1671c06d876d82935ad217cde88a1c33ec3b471877470d12b361a6c766909ded301084d797f6a8b395a28e55f6db34c670

  • SSDEEP

    3072:QFKBL3vQgpml9XGEPCIFluUXQKL9DzOp8dcc6cONXYAA8Vk5I7:QMBL4gpmfVPuCb9Pjd8cOBYAGI

Score
3/10

Malware Config

Signatures

  • Program crash 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\85e7587a2013104dae85c32865728f1176a555502c4c594faf7ebf68ae2773f1.exe
    "C:\Users\Admin\AppData\Local\Temp\85e7587a2013104dae85c32865728f1176a555502c4c594faf7ebf68ae2773f1.exe"
    1⤵
      PID:3328
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3328 -s 748
        2⤵
        • Program crash
        PID:1280
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3328 -s 732
        2⤵
        • Program crash
        PID:4032
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3328 -s 772
        2⤵
        • Program crash
        PID:4436
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3328 -s 836
        2⤵
        • Program crash
        PID:1848
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3328 -s 908
        2⤵
        • Program crash
        PID:4696
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3328 -s 980
        2⤵
        • Program crash
        PID:636
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3328 -s 752
        2⤵
        • Program crash
        PID:2432
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3328 -ip 3328
      1⤵
        PID:2740
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 3328 -ip 3328
        1⤵
          PID:4368
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 3328 -ip 3328
          1⤵
            PID:3068
          • C:\Windows\SysWOW64\WerFault.exe
            C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 3328 -ip 3328
            1⤵
              PID:2560
            • C:\Windows\SysWOW64\WerFault.exe
              C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 3328 -ip 3328
              1⤵
                PID:2208
              • C:\Windows\SysWOW64\WerFault.exe
                C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3328 -ip 3328
                1⤵
                  PID:4376
                • C:\Windows\SysWOW64\WerFault.exe
                  C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3328 -ip 3328
                  1⤵
                    PID:4712

                  Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads

                  • memory/3328-1-0x0000000000950000-0x0000000000A50000-memory.dmp

                    Filesize

                    1024KB

                    Download

                  • memory/3328-2-0x0000000002460000-0x000000000248E000-memory.dmp

                    Filesize

                    184KB

                    Download

                  • memory/3328-3-0x0000000000400000-0x0000000000853000-memory.dmp

                    Filesize

                    4.3MB

                    Download

                  • memory/3328-6-0x0000000000950000-0x0000000000A50000-memory.dmp

                    Filesize

                    1024KB

                    Download

                  • memory/3328-7-0x0000000002460000-0x000000000248E000-memory.dmp

                    Filesize

                    184KB

                    Download