Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    05-04-2024 13:08

General

  • Target

    b0195ba69b400a134c86bc120c2dcc9aee2390d6ad7928603462480d4eb1d76e.exe

  • Size

    1.0MB

  • MD5

    a402a1b2187e025f4e8f791fb302a1e5

  • SHA1

    eab8402c4c752684e5bf5f3eb6ce21ac2f8fcc74

  • SHA256

    b0195ba69b400a134c86bc120c2dcc9aee2390d6ad7928603462480d4eb1d76e

  • SHA512

    bfcc79ba4a44c1e0371665f8102aae611062fc65d48b3dc1a206eb80518958ac6684fe80d6713bc40b0a942668ec6c3a76459a2d79a0aa0d191a8d13089b3843

  • SSDEEP

    24576:6AHnh+eWsN3skA4RV1Hom2KXcmtcM4wkExDla+:Nh+ZkldoPKsacLwlx

Score
5/10

Malware Config

Signatures

  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b0195ba69b400a134c86bc120c2dcc9aee2390d6ad7928603462480d4eb1d76e.exe
    "C:\Users\Admin\AppData\Local\Temp\b0195ba69b400a134c86bc120c2dcc9aee2390d6ad7928603462480d4eb1d76e.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2748 -s 236
      2⤵
      • Program crash
      PID:1752

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2748-0-0x00000000010E0000-0x00000000011E9000-memory.dmp

    Filesize

    1.0MB
