Analysis
-
max time kernel
15s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
26/03/2024, 13:58
General
-
Target
bf8323854dc1388f22d16fa7f8936e18c56e5be5a239805896777f2b4dcf360a.exe
-
Size
296KB
-
MD5
5dc3a8af94bfdaeaca96817a54a652e1
-
SHA1
4f5c8a580f9ed3858a5edb0b2c43097c0436075c
-
SHA256
bf8323854dc1388f22d16fa7f8936e18c56e5be5a239805896777f2b4dcf360a
-
SHA512
b65616bb69c67505a162df04a3e73b0e2b0ed745f7bff7c13ea073c395fe7212110f6c9ad74e0b78fa52d482943537fe574c69da72680030619b034d9b3d0487
-
SSDEEP
3072:yPlzc7W0PDFNZgxmeXjVoCmFfAP46CAdH+IAwy3YO3ZTs1ncHR/Yv3uegsPUSxQl:yhcJDFzgoeXjcW95dAjQ/2Hb
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bf8323854dc1388f22d16fa7f8936e18c56e5be5a239805896777f2b4dcf360a.exe"C:\Users\Admin\AppData\Local\Temp\bf8323854dc1388f22d16fa7f8936e18c56e5be5a239805896777f2b4dcf360a.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1996 -s 442⤵
- Program crash
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
300KB