Analysis
-
max time kernel
90s -
max time network
94s -
platform
windows11-21h2_x64 -
resource
win11-20240412-en -
resource tags
arch:x64 arch:x86 image:win11-20240412-en locale:en-us os:windows11-21h2-x64 system -
submitted
26/04/2024, 00:10
Static task
static1
Behavioral task
behavioral1
Sample
8f84294e312b67061e2b2396a14205715ce3d9865606acf603d3afc11a698424.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
8f84294e312b67061e2b2396a14205715ce3d9865606acf603d3afc11a698424.exe
Resource
win11-20240412-en
General
-
Target
8f84294e312b67061e2b2396a14205715ce3d9865606acf603d3afc11a698424.exe
-
Size
343KB
-
MD5
273bf8cb6e071f9e3eabd45fd0a63971
-
SHA1
e28dc271d2b4e8a1bcdd39c9c17fc36931586ae2
-
SHA256
8f84294e312b67061e2b2396a14205715ce3d9865606acf603d3afc11a698424
-
SHA512
6735a0c74a79f9b3fe4c55a7c04b3e2cb545bad016f011766cd5e3dba6e079e6ee83a0203bbff356e0689c1804e34df24a4c2a629110b21dde04d98ea4e786b6
-
SSDEEP
6144:U3qlnUGJTc/jaAEz0jcqp7WbCYAmupls78EAn:U3qlUGx0jaAEzqcqp7WbJ03EA
Malware Config
Signatures
-
Program crash 3 IoCs
pid   pid_target  Process       procid_target
2216  3856        WerFault.exe  76
1720  3856        WerFault.exe  76
4836  3856        WerFault.exe  76
Processes
-
C:\Users\Admin\AppData\Local\Temp\8f84294e312b67061e2b2396a14205715ce3d9865606acf603d3afc11a698424.exe "C:\Users\Admin\AppData\Local\Temp\8f84294e312b67061e2b2396a14205715ce3d9865606acf603d3afc11a698424.exe" PID:3856
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3856 -s 1288
- Program crash
PID:2216
-
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3856 -s 1312
- Program crash
PID:1720
-
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3856 -s 1324
- Program crash
PID:4836
-
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 352 -p 3856 -ip 3856 PID:1004
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3856 -ip 3856 PID:1044
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 3856 -ip 3856 PID:1996