b3086822a6caf5f04dc9feb5136b7884336eff359e539519cfbcfefd3f90e0ae | Triage

Analysis

max time kernel
91s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
14-02-2024 14:17

Sharing

Report Analysis Logs

General

Target

9be54e65617909d820fe58cecd90736f.exe
Size

155KB
MD5

9be54e65617909d820fe58cecd90736f
SHA1

6a04b823ccb8e8b2d5ad453faf4c5138c9e2a41c
SHA256

b3086822a6caf5f04dc9feb5136b7884336eff359e539519cfbcfefd3f90e0ae
SHA512

57b71cee890203094a9206e8b340dcbbc863d8da7d0d47013b47bde2ffc24f3d3545a2bf0d2e933e1575f1d7706637dd7d375a192e8a9c2e218af771d2c825c3
SSDEEP

3072:hLLoFmS9i6mDn0qr3Uk8VqwoWgUuvz6bakqBsQ:dmmS9rrqLgWzk

Score

3^/10

Malware Config

Signatures

Program crash 2 IoCs

pid	pid_target	Process	procid_target
4984	2256	WerFault.exe	84
1004	2256	WerFault.exe	84

C:\Users\Admin\AppData\Local\Temp\9be54e65617909d820fe58cecd90736f.exe
"C:\Users\Admin\AppData\Local\Temp\9be54e65617909d820fe58cecd90736f.exe"
1⤵
PID:2256
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2256 -s 220
  2⤵
  - Program crash
  PID:4984
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2256 -s 264
  2⤵
  - Program crash
  PID:1004

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 2256 -ip 2256
1⤵
PID:1164

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 2256 -ip 2256
1⤵
PID:4196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2256-0-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2256-1-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download