Analysis
max time kernel: 120s
max time network: 124s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 15-04-2024 22:40
Behavioral task: behavioral1
Sample: AzoteClient.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: AzoteClient.exe
Resource: win10v2004-20240226-en
Behavioral task: behavioral3
Sample: out.exe
Resource: win7-20240221-en
Behavioral task: behavioral4
Sample: out.exe
Resource: win10v2004-20240412-en
General
Target: out.exe
Size: 756KB
MD5: 396813ce52b3b3b72265c49ad799644e
SHA1: 2aedcfeeca12618cd97d97f3df1c054db9eaeeed
SHA256: 9f35b45413cfe29f0b19c3fcb7f2b614eb02eef59a7437f077d2187394e5174a
SHA512: 5737ee264b53a5cbc9aadf9867b11138c725c3e4bb8687d2a5a5e9d3a6b7a194fe5625765ea95e3ea37fac7b53a2ff1fb27b1a3cb0d2e5b4c4393e48e59134fa
SSDEEP: 12288:z9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9EkNC/u2ZChoJNr:9Z1xuVVjfFoynPaVBUR8f+kN10EdIhW
Malware Config
Signatures
Program crash 1 IoCs
Processes: WerFault.exe
pid | pid_target | Process
3020 | 2912 | WerFault.exe
Suspicious use of WriteProcessMemory 4 IoCs
Processes: out.exe
description | pid | Process | procid_target
PID 2912 wrote to memory of 3020 | 2912 | out.exe | 28
PID 2912 wrote to memory of 3020 | 2912 | out.exe | 28
PID 2912 wrote to memory of 3020 | 2912 | out.exe | 28
PID 2912 wrote to memory of 3020 | 2912 | out.exe | 28