Overview

overview

3

Static

static

3

ac522a3445...08.exe

windows7-x64

3

ac522a3445...08.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/02/2024, 16:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ac522a3445f74cab84c3e456df1fb608.exe

  • Size

    129KB

  • MD5

    ac522a3445f74cab84c3e456df1fb608

  • SHA1

    a8bab84b20057de9457941fa59dd083bba1290dc

  • SHA256

    63d261086f69ccec50830b5cd3f71aec0a32f4357497158f5921b3826632b0b1

  • SHA512

    deba6c2339ad2544458b69b135a45f9e806b46f5a1e947fe7852832a25eb655f9b59bb1284db58130f9cf4070e3900613ce5d9f594c388c25948a10207c606cd

  • SSDEEP

    3072:mA0xHR6ZbXP8lDQB9eJiKaDy4dqiFu+HbUBX6TwIC:mAqR6NXP4DQB9OaeMu+7UV6cIC

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ac522a3445f74cab84c3e456df1fb608.exe
    "C:\Users\Admin\AppData\Local\Temp\ac522a3445f74cab84c3e456df1fb608.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:2956
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2956 -s 460
      2⤵
      • Program crash
      PID:2428
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 188 -p 2956 -ip 2956
    1⤵
      PID:4600

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2956-0-0x0000000000400000-0x0000000000446000-memory.dmp

            Filesize

            280KB

            Download

          • memory/2956-1-0x00000000001C0000-0x00000000001CA000-memory.dmp

            Filesize

            40KB

            Download

          • memory/2956-2-0x00000000001C0000-0x00000000001CA000-memory.dmp

            Filesize

            40KB

            Download

          • memory/2956-3-0x0000000000400000-0x0000000000446000-memory.dmp

            Filesize

            280KB

            Download