973a8e60513e206f520980bff85c3fdcb1d35b53a4ca708276abe81157772abf | Triage

Analysis

max time kernel
91s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
13/02/2024, 13:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

9992fd640ee99a82c7bd2cf6bbfea323.exe
Size

25KB
MD5

9992fd640ee99a82c7bd2cf6bbfea323
SHA1

ea624da64d3089ad3b116babe7ca08f3516e99d2
SHA256

973a8e60513e206f520980bff85c3fdcb1d35b53a4ca708276abe81157772abf
SHA512

26383f5cc34e5d2275f71c189a3a27327196d3678db75de58f8cf986d0c1ab5012fb2d815a8bce100bfd881deee13b3b2081e7b703a0636ee84dcf9a016a57dc
SSDEEP

768:gHUzfsG66ShNbIO0dgXAkrTT9erh07T5P:2G668NbOaTrPc2N

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3544	3480	WerFault.exe	83

C:\Users\Admin\AppData\Local\Temp\9992fd640ee99a82c7bd2cf6bbfea323.exe
"C:\Users\Admin\AppData\Local\Temp\9992fd640ee99a82c7bd2cf6bbfea323.exe"
1⤵
PID:3480
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3480 -s 380
  2⤵
  - Program crash
  PID:3544

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 3480 -ip 3480
1⤵
PID:1816

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3480-0-0x0000000013140000-0x00000000131C8000-memory.dmp

Filesize
544KB

Download
memory/3480-1-0x00000000001C0000-0x00000000001C5000-memory.dmp

Filesize
20KB

Download
memory/3480-2-0x0000000013140000-0x00000000131C8000-memory.dmp

Filesize
544KB

Download