efe3499ee8e6b6d233e8b5d4e413d58d3e08c267b7a0d0e82143a295139a5cf5

Analysis

max time kernel
93s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24/02/2024, 07:40

Target

2024-02-24_b78e4a52321f638c50f96406693a1752_virlock.exe
Size

110KB
MD5

b78e4a52321f638c50f96406693a1752
SHA1

ac5a4049475c799941ba14258eb8a2f7e84e4d81
SHA256

efe3499ee8e6b6d233e8b5d4e413d58d3e08c267b7a0d0e82143a295139a5cf5
SHA512

8736002e9f78bd9620cf3009a55d772741c79b79727d644647db9e2fe03d46e32fe6e575f73b5dc0d76396ac2a46c3a9f3924733092106d7f3ad99e7d8df8238
SSDEEP

3072:C+ELoeWuaYn5SnoVsDNtWFL2Omdib8lwvwa:CFLfb5SnovmS8lwIa

Score

3^/10

Program crash 3 IoCs

pid	pid_target	Process	procid_target
1624	3388	WerFault.exe	83
3428	3388	WerFault.exe	83
3028	3388	WerFault.exe	83

C:\Users\Admin\AppData\Local\Temp\2024-02-24_b78e4a52321f638c50f96406693a1752_virlock.exe
"C:\Users\Admin\AppData\Local\Temp\2024-02-24_b78e4a52321f638c50f96406693a1752_virlock.exe"
1⤵
PID:3388
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3388 -s 228
  2⤵
  - Program crash
  PID:1624
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3388 -s 228
  2⤵
  - Program crash
  PID:3428
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3388 -s 224
  2⤵
  - Program crash
  PID:3028

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3388 -ip 3388
1⤵
PID:5084

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 480 -p 3388 -ip 3388
1⤵
PID:4800

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3388 -ip 3388
1⤵
PID:3408

memory/3388-0-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/3388-1-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download