Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
05/03/2024, 02:06
Behavioral task
behavioral1
Sample
b37f62b9f19772785d077533f4eb5b73.exe
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
b37f62b9f19772785d077533f4eb5b73.exe
Resource
win10v2004-20240226-en
1 signatures
150 seconds
General
-
Target
b37f62b9f19772785d077533f4eb5b73.exe
-
Size
118KB
-
MD5
b37f62b9f19772785d077533f4eb5b73
-
SHA1
b0490ae72c9aaae65277cd1adfaad44b2b38a560
-
SHA256
3374a2b52cf3d0b05ec02db7ca49791c882bdb91100129300c404c8f9cf7af67
-
SHA512
78fa634ddb0d72d943e616334d7646e89c41f88d9562fdb8b238e989fc205aad2530d3f5311d611a3620c4e791070fec42aa96e6aff76c0cae9eba2ccd6df6a5
-
SSDEEP
1536:5UOQU8B8a1olmiz0P7rKHcfhd8ednDlEnM3nWgE3opbhNmSTSoBZRdHn:z8B3oAi8YoDQinWg7FCSOw
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target
2184 2156 WerFault.exe 27
-
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target
PID 2156 wrote to memory of 2184 2156 b37f62b9f19772785d077533f4eb5b73.exe 28
PID 2156 wrote to memory of 2184 2156 b37f62b9f19772785d077533f4eb5b73.exe 28
PID 2156 wrote to memory of 2184 2156 b37f62b9f19772785d077533f4eb5b73.exe 28
PID 2156 wrote to memory of 2184 2156 b37f62b9f19772785d077533f4eb5b73.exe 28
Processes
-
C:\Users\Admin\AppData\Local\Temp\b37f62b9f19772785d077533f4eb5b73.exe
"C:\Users\Admin\AppData\Local\Temp\b37f62b9f19772785d077533f4eb5b73.exe"
- Suspicious use of WriteProcessMemory
PID:2156 -
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2156 -s 88
- Program crash
PID:2184
-