Analysis
-
max time kernel
93s -
max time network
113s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
19/04/2024, 00:11
General
-
Target
87be8c73cddf9df57a1565d7695dc3e98740ffee5858831ba5174bd065b68b85.exe
-
Size
69KB
-
MD5
7f26aa9fb3c3a906e50c62e6118bac1a
-
SHA1
22579e92492052980da5e08dde9e2cc47ec8f8e1
-
SHA256
87be8c73cddf9df57a1565d7695dc3e98740ffee5858831ba5174bd065b68b85
-
SHA512
8c93b713ac10f1817309efcfaac6035855d4712d59c9df0bdcdb62562ce5ce666699c77e8df5ad472f74ae81c31247ebbbd9259f95d9332ec2337b9eb7bd148d
-
SSDEEP
1536:xvKmNP0v+PrZFwApbEZMSY+A37feaCMJDmYsLIb4PvYqHB/AdGD:xvZPGIZFpREZMSDADeak7dJHB/AdGD
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 5 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\87be8c73cddf9df57a1565d7695dc3e98740ffee5858831ba5174bd065b68b85.exe"C:\Users\Admin\AppData\Local\Temp\87be8c73cddf9df57a1565d7695dc3e98740ffee5858831ba5174bd065b68b85.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\svchost.exesvchost.exe2⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3664 -s 123⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3664 -ip 36641⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
44KB
-
Filesize
44KB
-
Filesize
20KB