Overview

overview

6

Static

static

3

97aa554ca1...39.exe

windows7-x64

6

97aa554ca1...39.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    92s
  • max time network
    121s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/02/2024, 02:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    97aa554ca1f489bc9553de882154bb39.exe

  • Size

    515KB

  • MD5

    97aa554ca1f489bc9553de882154bb39

  • SHA1

    bd0b0f6e84dbef3cc77585d1f2531f32c94544b5

  • SHA256

    40189d0f7cc8af2ea8c8fe4ad7e2035cca5f0d95df33c9593ca9619320e74305

  • SHA512

    510d180e55039b8dc6a226efa93f2b3ad6b219845d17eca4c1c8da2d8d8ae444b8f1207e617e60915fa1edadb71f309ed5e52a679de12b219250d2b6c0b11694

  • SSDEEP

    12288:XlZX4AU3yEW3Bnk6zaK76BnAf/g3/2Uv1uY1m1UbSwpSVSFpBgyua:Ds3yXkQS2/qOUv1tuaSVzyH

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\97aa554ca1f489bc9553de882154bb39.exe
    "C:\Users\Admin\AppData\Local\Temp\97aa554ca1f489bc9553de882154bb39.exe"
    1⤵
      PID:4152
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4152 -s 680
        2⤵
        • Program crash
        PID:3560
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4152 -s 720
        2⤵
        • Program crash
        PID:4540
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4152 -ip 4152
      1⤵
        PID:4992
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 4152 -ip 4152
        1⤵
          PID:4520

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4152-0-0x0000000000400000-0x000000000048A400-memory.dmp

          Filesize

          553KB

          Download

        • memory/4152-1-0x0000000002220000-0x00000000022ED000-memory.dmp

          Filesize

          820KB

          Download

        • memory/4152-2-0x0000000002220000-0x00000000022ED000-memory.dmp

          Filesize

          820KB

          Download

        • memory/4152-3-0x0000000002220000-0x00000000022ED000-memory.dmp

          Filesize

          820KB

          Download

        • memory/4152-4-0x0000000002220000-0x00000000022ED000-memory.dmp

          Filesize

          820KB

          Download

        • memory/4152-5-0x0000000002220000-0x00000000022ED000-memory.dmp

          Filesize

          820KB

          Download

        • memory/4152-6-0x0000000002220000-0x00000000022ED000-memory.dmp

          Filesize

          820KB

          Download

        • memory/4152-7-0x0000000002220000-0x00000000022ED000-memory.dmp

          Filesize

          820KB

          Download

        • memory/4152-8-0x0000000000400000-0x000000000048A400-memory.dmp

          Filesize

          553KB

          Download

        • memory/4152-13-0x0000000000400000-0x000000000048A400-memory.dmp

          Filesize

          553KB

          Download

        • memory/4152-14-0x000000007FE40000-0x000000007FE44000-memory.dmp

          Filesize

          16KB

          Download

        • memory/4152-12-0x0000000000400000-0x000000000048A400-memory.dmp

          Filesize

          553KB

          Download