Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    23-04-2024 11:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e1446c60ff0ddce08b4545dac30f65f0e21ccab0730c197d769486ddb7c32bac.exe

  • Size

    408KB

  • MD5

    9c4f3e449e1083a20aaaa473ff98deba

  • SHA1

    36915cdb45b9c32630e84b7e6d38f943d8fdb16e

  • SHA256

    e1446c60ff0ddce08b4545dac30f65f0e21ccab0730c197d769486ddb7c32bac

  • SHA512

    20536c3df55fae144ead0ea7522f7ea37a3a349636d80e8a109ece24dff1885b1768ceda0e2e7eb177cf0f95c423213fc320db087f7b3cd602db46e68f310349

  • SSDEEP

    6144:fKtY8LWMaYCfMrcrlsvgbngUYwoYDQSUql+2wxHqTSzp5ccRVEac:fKtY8L3alfMwsojgr3Yac+t8S1Ct

Score
3/10

Malware Config

Signatures

  • Program crash 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e1446c60ff0ddce08b4545dac30f65f0e21ccab0730c197d769486ddb7c32bac.exe
    "C:\Users\Admin\AppData\Local\Temp\e1446c60ff0ddce08b4545dac30f65f0e21ccab0730c197d769486ddb7c32bac.exe"
    1⤵
      PID:844
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 844 -s 1236
        2⤵
        • Program crash
        PID:2744
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 844 -s 1256
        2⤵
        • Program crash
        PID:2092
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 844 -s 1172
        2⤵
        • Program crash
        PID:3396
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 844 -ip 844
      1⤵
        PID:4612
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 844 -ip 844
        1⤵
          PID:692
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -pss -s 492 -p 844 -ip 844
          1⤵
            PID:3740

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/844-1-0x00000000042F0000-0x00000000043F0000-memory.dmp
            Filesize

            1024KB

            Download
          • memory/844-2-0x00000000045F0000-0x000000000463B000-memory.dmp
            Filesize

            300KB

            Download
          • memory/844-3-0x0000000000400000-0x000000000405A000-memory.dmp
            Filesize

            60.4MB

            Download