Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/03/2024, 15:08

General

  • Target

    beebaa5e9bcf800d58a89bbc2b27d48e.exe

  • Size

    4KB

  • MD5

    beebaa5e9bcf800d58a89bbc2b27d48e

  • SHA1

    aa1abc3e9864ea96230c5ffba12faabc0e13fe79

  • SHA256

    e46ef70bfc8c60d04126ed120ad18231297a71b8d98f8b156a763d196d01f282

  • SHA512

    1b751a7ec563bcf8476ee8a99308d10a250c98f1e5646e439987ddf3ffdf447b1b2b12e8a73c58da89c15ddfcbe368b5914d6b66b93b75524f951970a41e08d9

  • SSDEEP

    48:SdnGByS49mPB4ffKBWBwQIZWbRV12pXdmDq5WwGh7883l5vCDlZklv:9XFhEpEWgpNo6Ww8xCpW

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\beebaa5e9bcf800d58a89bbc2b27d48e.exe
    "C:\Users\Admin\AppData\Local\Temp\beebaa5e9bcf800d58a89bbc2b27d48e.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1456
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1456 -s 92
      2⤵
      • Program crash
      PID:1588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1456-0-0x0000000001000000-0x0000000001003000-memory.dmp

    Filesize

    12KB

  • memory/1456-1-0x0000000001000000-0x0000000001003000-memory.dmp

    Filesize

    12KB