Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    28/04/2024, 05:07 UTC

General

  • Target

    2024-04-28_e7777778df20c690cdcf650546a38da8_virlock.exe

  • Size

    111KB

  • MD5

    e7777778df20c690cdcf650546a38da8

  • SHA1

    14c783f4b5f389a2278d0f4277de70034f4b8603

  • SHA256

    8b9643e07d6d5a6696481973113dedb7b882e515c3c6fed3aab97defee145b6b

  • SHA512

    f7e1905e8470848a39e83d92d3e0e0b6b82dddf17c679db6b67adeac4f63df2405a19ca5e6ff0a4894505f90684df6a525d343144423e1ea35bdb6c25bcdf754

  • SSDEEP

    3072:hSZCjCBRk4PHX1tnVfgE36CFznSgrVhAqeP:hZCBJHX1pVJ6sznSwVhfe

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-28_e7777778df20c690cdcf650546a38da8_virlock.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-28_e7777778df20c690cdcf650546a38da8_virlock.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2384 -s 36
      2⤵
      • Program crash
      PID:356

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2384-0-0x0000000000400000-0x000000000041D000-memory.dmp

    Filesize

    116KB
