Analysis
-
max time kernel
141s -
max time network
164s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
19-03-2024 05:01
General
-
Target
d54380f953e1ec9581130143c4922eb5.exe
-
Size
243KB
-
MD5
d54380f953e1ec9581130143c4922eb5
-
SHA1
79d16728373632ce6ff1153541f0323085069539
-
SHA256
99200990542dee7794486cd828fa4883502037d620a39be5eb16beb94085b2b2
-
SHA512
c8a6c2e1ba703a3d7c5313a6f87f81c2ba8a5302e661c84b8af2d61d7b4472c0e7e6369cbe56ef1c460b698ce6bbe78fc9229e4d4030a1a2708d310f98b4fb97
-
SSDEEP
6144:N0/4jkcyqO3YcK7fD2RysX+001urGFCbeY/B0ZiLwkTFG:W/4TyT8KRQ000UKlp+oTF
Score
3/10
Malware Config
Signatures
-
Program crash 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d54380f953e1ec9581130143c4922eb5.exe"C:\Users\Admin\AppData\Local\Temp\d54380f953e1ec9581130143c4922eb5.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5000 -s 4242⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5000 -s 4242⤵
- Program crash
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 5000 -ip 50001⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4036 --field-trial-handle=2292,i,2103142837140538807,15881446839139365070,262144 --variations-seed-version /prefetch:81⤵