Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
17-04-2024 18:10
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
General
-
Target
file.exe
-
Size
422KB
-
MD5
804b1a320ca4610b1e44af97fd9c295a
-
SHA1
5be4e86aa94c00cc0fb69292b71ce2581493b144
-
SHA256
9b8c538cfaba9cfa4fc75ed96b8846f240d0bf3a7f440609964ad31aaabdcfc8
-
SHA512
fdd88ccf44b3e0c27c022bd9e936f05cae73a260e408078a18ae9b8995451a8d7bb677d152c79e0e70c41bf66439530b03b707fdad3826c5edfc745452a62b8c
-
SSDEEP
12288:qy3q/jkZxUcjAWlwTfTLqREbVd09PSVk4po:LqbkZ3ObiRmd00S
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 3040 1708 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 1708 wrote to memory of 3040 1708 file.exe WerFault.exe PID 1708 wrote to memory of 3040 1708 file.exe WerFault.exe PID 1708 wrote to memory of 3040 1708 file.exe WerFault.exe PID 1708 wrote to memory of 3040 1708 file.exe WerFault.exe