Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
08-03-2024 08:23
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
CordKilla.exe
Resource
win7-20240221-en
2 signatures
150 seconds
General
-
Target
CordKilla.exe
-
Size
12KB
-
MD5
dcdfa5d5c5a013d16892fc8b8cf21278
-
SHA1
d60aa6cbfdfcb541bd3cc9e828988b58e1e04d11
-
SHA256
a62184b1ac0ca25e93fff3b4522f84701ee69baea5dbeb851cddf52d215a47e6
-
SHA512
059d35c662a7be0e9cc14725fba41db6d3e0d1511db92d560858c3f88617417cb95cd1f482741e04d08a146af5ddf23a238b7085ab62f45a74c4de13a28cb7e6
-
SSDEEP
192:WUsDEp+7bADqC/YgQeUg4LBtiteQT3PpGlcc5+Rqm8Jf+wdyz:tsDLbADqUx4ateQ7xGWR9Ue
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 2884 2028 WerFault.exe 27 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2028 wrote to memory of 2884 2028 CordKilla.exe 28 PID 2028 wrote to memory of 2884 2028 CordKilla.exe 28 PID 2028 wrote to memory of 2884 2028 CordKilla.exe 28 PID 2028 wrote to memory of 2884 2028 CordKilla.exe 28