Analysis
-
max time kernel
141s -
max time network
162s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
15-03-2024 23:19
General
-
Target
cc8296ecc8a4dc01f98ddbc2bb2776a3.exe
-
Size
124KB
-
MD5
cc8296ecc8a4dc01f98ddbc2bb2776a3
-
SHA1
e0f44d6314337581c2b93173f3e681b7ab5fc9a4
-
SHA256
ea91378933b98705712405653bfc8097b0c738382adb2340b3db89ce814663d4
-
SHA512
46a5121c5a80859cddb8d082ac1367b1e50d288da4165b02c2d5de9abf9906d2c910d10b9f5599d390c0e74423d72e5532c94ce8d5d4c951fd0bcb16f47d1b77
-
SSDEEP
1536:pIb0cElKG7MBEy0FBZEy0FBdncocT29KBRCZRtPMUUXII:pIMNY0Fp0FvcVy0R2RR
Score
3/10
Malware Config
Signatures
-
Program crash 3 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\cc8296ecc8a4dc01f98ddbc2bb2776a3.exe"C:\Users\Admin\AppData\Local\Temp\cc8296ecc8a4dc01f98ddbc2bb2776a3.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 116 -s 4402⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 116 -s 4402⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 116 -s 4402⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 116 -ip 1161⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3756 --field-trial-handle=2248,i,10247514684337323751,15511974759131734137,262144 --variations-seed-version /prefetch:81⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 116 -ip 1161⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
160KB
-
Filesize
160KB