90f68e40e22da341888a881fa701d0a26adbfb8a62693044d137826fc1c677fa

Resubmissions

17/04/2024, 12:16 UTC

240417-pfx1vsfh7v 10

17/04/2024, 12:16 UTC

240417-pfxebsed54 10

17/04/2024, 12:16 UTC

240417-pfwsssed52 10

17/04/2024, 12:16 UTC

240417-pftcnsed48 10

17/04/2024, 12:16 UTC

240417-pfsq5sfh7s 10

16/04/2024, 13:45 UTC

240416-q2cgqada9t 10

Analysis

max time kernel
210s
max time network
274s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
16/04/2024, 13:45 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

90f68e40e22da341888a881fa701d0a26adbfb8a62693044d137826fc1c677fa.exe
Size

1.3MB
MD5

1ca13ce3fd4bc03072da2c09923cea0d
SHA1

a7e301c835a2543778751ccd37d4d442f18f19fe
SHA256

90f68e40e22da341888a881fa701d0a26adbfb8a62693044d137826fc1c677fa
SHA512

54be0c00ec5f5f1d8663e912ebb503f41a94ff003babf4ed9c49bc2ead32ec46127ea191014e2e607e5395104626d2d2b4af8f3bad8c04684d101a0f76d8e09d
SSDEEP

12288:hD0Yxtmgcj3DKjs16MKYIjhy+AC5j6vfNqr:hQYxtmiEEYIjhyQj6vfNqr

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
244	3296	WerFault.exe	77

C:\Users\Admin\AppData\Local\Temp\90f68e40e22da341888a881fa701d0a26adbfb8a62693044d137826fc1c677fa.exe
"C:\Users\Admin\AppData\Local\Temp\90f68e40e22da341888a881fa701d0a26adbfb8a62693044d137826fc1c677fa.exe"
1⤵
PID:3296
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3296 -s 260
  2⤵
  - Program crash
  PID:244

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 3296 -ip 3296
1⤵
PID:428

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

43.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.229.111.52.in-addr.arpa

IN PTR

Response
DNS

43.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.229.111.52.in-addr.arpa

IN PTR

No results found

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

210 B
248 B
3
2

DNS Request

8.8.8.8.in-addr.arpa

DNS Request

43.229.111.52.in-addr.arpa

DNS Request

43.229.111.52.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3296-1-0x00000000053E0000-0x00000000054E0000-memory.dmp

Filesize
1024KB

Download
memory/3296-2-0x0000000005760000-0x00000000057C7000-memory.dmp

Filesize
412KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.