b7e46980edf43028b116ab589c2c51fc37d52c1ca1cf38e097b1bafc86be3ca6 | Triage

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
26-03-2024 20:27

Sharing

Report Analysis Logs

General

Target

notmyfault.exe
Size

232KB
MD5

0c6ed0f4b8ef5d1ead326a667ee3004a
SHA1

a9421aa84420b303219f40a771c94be7056cbcc3
SHA256

b7e46980edf43028b116ab589c2c51fc37d52c1ca1cf38e097b1bafc86be3ca6
SHA512

fc257f5b9948a08dcd1021885ca316db688794f050c3273ea8970f3bd6baac904899ee5a09e2d310f9931bd0f2b2c39dc56e231f2ecace023f9f0131fe710350
SSDEEP

3072:QfavAG1nVZqZUFroLNwXiWACrOxdZJ+XXknfpns4RI0EEtajsEJ4:n7riCCjO0f+4bQ4

Score

8^/10

Malware Config

Signatures

Drops file in Drivers directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\drivers\myfault.sys	notmyfault.exe
File created	C:\Windows\SysWOW64\drivers\myfault.sys	notmyfault.exe

Suspicious behavior: LoadsDriver 3 IoCs

pid	Process
480	Process not Found
480	Process not Found
480	Process not Found

C:\Users\Admin\AppData\Local\Temp\notmyfault.exe
"C:\Users\Admin\AppData\Local\Temp\notmyfault.exe"
1⤵
- Drops file in Drivers directory
PID:2964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads