Analysis

  • max time kernel
    66s
  • max time network
    58s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240419-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    26-04-2024 18:30

General

  • Target

    2586cf3cacfa88373ce764b7a9d7d01decd36338ec2da69191cc541c749a9bde.exe

  • Size

    449KB

  • MD5

    5d3f93720e1b81000890a9776e95f38f

  • SHA1

    50decbc9c41469b3604c4af59cfdfd2a0a79f265

  • SHA256

    2586cf3cacfa88373ce764b7a9d7d01decd36338ec2da69191cc541c749a9bde

  • SHA512

    897d2dc9df3fc18a292f923e0e52f6dc62d68fd54adc5b53b3e62269b82f3ab83d1e36b4ec75322ac62816c7a9ea61263eecd8c6cbe21018329ca2a70145442c

  • SSDEEP

    12288:Gb9GpjRN3YUOlgHCmVgNZM4bqkQAXHYKc:Xjf3YUOeO7BFTHYj

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2586cf3cacfa88373ce764b7a9d7d01decd36338ec2da69191cc541c749a9bde.exe
    "C:\Users\Admin\AppData\Local\Temp\2586cf3cacfa88373ce764b7a9d7d01decd36338ec2da69191cc541c749a9bde.exe"
    1⤵
      PID:3968
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3968 -s 736
        2⤵
        • Program crash
        PID:4456
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3968 -ip 3968
      1⤵
        PID:4528

      Network

      MITRE ATT&CK Matrix

      Downloads

      • memory/3968-2-0x0000000005CD0000-0x0000000005D3D000-memory.dmp

        Filesize

        436KB

      • memory/3968-1-0x0000000004330000-0x0000000004430000-memory.dmp

        Filesize

        1024KB

      • memory/3968-3-0x0000000000400000-0x0000000004060000-memory.dmp

        Filesize

        60.4MB

      • memory/3968-5-0x0000000004330000-0x0000000004430000-memory.dmp

        Filesize

        1024KB

      • memory/3968-7-0x0000000005CD0000-0x0000000005D3D000-memory.dmp

        Filesize

        436KB

      • memory/3968-6-0x0000000000400000-0x0000000004060000-memory.dmp

        Filesize

        60.4MB

      • memory/3968-10-0x0000000000400000-0x0000000004060000-memory.dmp

        Filesize

        60.4MB

      • memory/3968-12-0x0000000000400000-0x0000000004060000-memory.dmp

        Filesize

        60.4MB