dccf2b5a5f1bdf07c5060306a125caef3d30abe063a73d45633d80ca407cdc74

Analysis

max time kernel
142s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
12/02/2024, 14:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

975b68a67ae831b61e6e77dc22f2b332.exe
Size

1.1MB
MD5

975b68a67ae831b61e6e77dc22f2b332
SHA1

65aec7e906858e9e172b30731d0fcd041d93b850
SHA256

dccf2b5a5f1bdf07c5060306a125caef3d30abe063a73d45633d80ca407cdc74
SHA512

a8974cdd3859d0b7c3af7526550631ac6558ed6d16e0f5103df1c638a82529e0e88853f2ae9a077b255891ede14f75c7c1bc7616ff3c3b0fcf70e6e65e08eb39
SSDEEP

24576:g06DaBnIAkwDorAx3D7K9XWimM0bPALj83Z7RAQfN:n68ImDo85D7iXEM0rpf

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2472	760	WerFault.exe	27

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
760	975b68a67ae831b61e6e77dc22f2b332.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 760 wrote to memory of 2472	760	975b68a67ae831b61e6e77dc22f2b332.exe	28
PID 760 wrote to memory of 2472	760	975b68a67ae831b61e6e77dc22f2b332.exe	28
PID 760 wrote to memory of 2472	760	975b68a67ae831b61e6e77dc22f2b332.exe	28
PID 760 wrote to memory of 2472	760	975b68a67ae831b61e6e77dc22f2b332.exe	28

C:\Users\Admin\AppData\Local\Temp\975b68a67ae831b61e6e77dc22f2b332.exe
"C:\Users\Admin\AppData\Local\Temp\975b68a67ae831b61e6e77dc22f2b332.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:760
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 760 -s 276
  2⤵
  - Program crash
  PID:2472

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/760-0-0x0000000000400000-0x0000000000571000-memory.dmp

Filesize
1.4MB

Download
memory/760-1-0x0000000001DB0000-0x0000000001E02000-memory.dmp

Filesize
328KB

Download
memory/760-11-0x00000000034A0000-0x00000000034A4000-memory.dmp

Filesize
16KB

Download
memory/760-12-0x00000000034B0000-0x00000000034B1000-memory.dmp

Filesize
4KB

Download
memory/760-10-0x0000000001E30000-0x0000000001E31000-memory.dmp

Filesize
4KB

Download
memory/760-8-0x0000000001E40000-0x0000000001E41000-memory.dmp

Filesize
4KB

Download
memory/760-9-0x0000000001E50000-0x0000000001E51000-memory.dmp

Filesize
4KB

Download
memory/760-7-0x0000000001E60000-0x0000000001E61000-memory.dmp

Filesize
4KB

Download
memory/760-6-0x0000000001FA0000-0x0000000001FA1000-memory.dmp

Filesize
4KB

Download
memory/760-5-0x0000000001FB0000-0x0000000001FB1000-memory.dmp

Filesize
4KB

Download
memory/760-4-0x0000000001E10000-0x0000000001E11000-memory.dmp

Filesize
4KB

Download
memory/760-2-0x0000000001E80000-0x0000000001E81000-memory.dmp

Filesize
4KB

Download
memory/760-3-0x0000000001E70000-0x0000000001E71000-memory.dmp

Filesize
4KB

Download
memory/760-14-0x0000000003620000-0x0000000003621000-memory.dmp

Filesize
4KB

Download
memory/760-13-0x0000000003490000-0x0000000003494000-memory.dmp

Filesize
16KB

Download
memory/760-16-0x0000000003500000-0x0000000003501000-memory.dmp

Filesize
4KB

Download
memory/760-15-0x0000000000710000-0x0000000000711000-memory.dmp

Filesize
4KB

Download
memory/760-17-0x0000000003510000-0x0000000003511000-memory.dmp

Filesize
4KB

Download
memory/760-18-0x0000000000220000-0x0000000000221000-memory.dmp

Filesize
4KB

Download
memory/760-19-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/760-20-0x00000000034C0000-0x00000000034C1000-memory.dmp

Filesize
4KB

Download
memory/760-21-0x0000000001FC0000-0x0000000001FC1000-memory.dmp

Filesize
4KB

Download
memory/760-22-0x00000000034E0000-0x00000000034E1000-memory.dmp

Filesize
4KB

Download
memory/760-23-0x00000000034D0000-0x00000000034D1000-memory.dmp

Filesize
4KB

Download
memory/760-24-0x00000000034F0000-0x00000000034F1000-memory.dmp

Filesize
4KB

Download
memory/760-25-0x0000000002610000-0x0000000002611000-memory.dmp

Filesize
4KB

Download
memory/760-26-0x0000000002560000-0x0000000002561000-memory.dmp

Filesize
4KB

Download
memory/760-27-0x00000000028D0000-0x00000000028D1000-memory.dmp

Filesize
4KB

Download
memory/760-29-0x0000000003630000-0x0000000003631000-memory.dmp

Filesize
4KB

Download
memory/760-28-0x0000000002820000-0x0000000002821000-memory.dmp

Filesize
4KB

Download
memory/760-30-0x00000000036E0000-0x00000000036E1000-memory.dmp

Filesize
4KB

Download
memory/760-31-0x00000000036D0000-0x00000000036D1000-memory.dmp

Filesize
4KB

Download
memory/760-32-0x0000000003700000-0x0000000003701000-memory.dmp

Filesize
4KB

Download
memory/760-33-0x00000000036F0000-0x00000000036F1000-memory.dmp

Filesize
4KB

Download
memory/760-34-0x0000000000400000-0x0000000000571000-memory.dmp

Filesize
1.4MB

Download
memory/760-35-0x0000000001DB0000-0x0000000001E02000-memory.dmp

Filesize
328KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads