Analysis

  • max time kernel
    141s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/02/2024, 04:30

General

  • Target

    adb15887d9acc8431347efdd49d276b2.exe

  • Size

    3.0MB

  • MD5

    adb15887d9acc8431347efdd49d276b2

  • SHA1

    a9e9c80aed64a8d11964948d2e6714d44aade96f

  • SHA256

    5d9a083d0bfdec480b86aa3229663d10cbd685dd30f7280f9c8851c358894707

  • SHA512

    53827259aa437c20f65bf51c0db4f513c5a89243b1040dceebd0887ba433f7a11f6e04478636102cb6bf5790a55990db10eff0c6ff55f6d1c527df42b97da893

  • SSDEEP

    49152:+1YVpM4HSYnHtfKGGLTryHy213+sRq1j7AIIb/7EpRp3uzQyZ+J4uBzrSv5uu:+SVpM4HSYfys/qAVjQRp3hI+iKzWxh

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\adb15887d9acc8431347efdd49d276b2.exe
    "C:\Users\Admin\AppData\Local\Temp\adb15887d9acc8431347efdd49d276b2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2840 -s 140
      2⤵
      • Program crash
      PID:2856

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2840-0-0x0000000000400000-0x0000000000F85000-memory.dmp

          Filesize

          11.5MB