Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06-03-2024 17:47

General

  • Target

    Hyper35.exe

  • Size

    18.0MB

  • MD5

    4a6724d7514e0e5636a934e5747a7037

  • SHA1

    a906739b54ed859157e1d20066217b26460791ea

  • SHA256

    f707e336202f40d926e441733c90827d4212df18bd4668fc996955b43dd279ce

  • SHA512

    d299cbc5cf08d1ebd24a31c44f6fe1e0ba0abdc3629722c04b2ee953e20dd6bd14a39bfb26f557e1133185ec37bbaf8a431c1598e9058555ab735f2d355df01e

  • SSDEEP

    192:5+8Jo0+qgQEJVqHOuzyRIQCKb67R57KLl2guBucZWLTMHm2L4ldyki:5+wjgdkHOugIQCKbyz7klANQLTMG2F

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Hyper35.exe
    "C:\Users\Admin\AppData\Local\Temp\Hyper35.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1584
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1584 -s 592
      2⤵
      • Program crash
      PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1584-0-0x0000000000040000-0x000000000004A000-memory.dmp

    Filesize

    40KB

  • memory/1584-2-0x0000000074520000-0x0000000074C0E000-memory.dmp

    Filesize

    6.9MB

  • memory/1584-1-0x0000000000440000-0x000000000045A000-memory.dmp

    Filesize

    104KB

  • memory/1584-4-0x0000000004630000-0x0000000004670000-memory.dmp

    Filesize

    256KB

  • memory/1584-3-0x0000000000470000-0x000000000047A000-memory.dmp

    Filesize

    40KB

  • memory/1584-5-0x0000000074520000-0x0000000074C0E000-memory.dmp

    Filesize

    6.9MB

  • memory/1584-6-0x0000000004630000-0x0000000004670000-memory.dmp

    Filesize

    256KB