Analysis

  • max time kernel
    71s
  • max time network
    67s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240419-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    29-04-2024 09:41

General

  • Target

    ec25564bebac2bad4bff8e50ffb2d640a186ddc62f327b60fdbd82e97c622fc1.exe

  • Size

    347KB

  • MD5

    4af2d4b6e00f249a9491f63af45d54fe

  • SHA1

    416ebe409e15f703efbbc5d88216bfd014a2a529

  • SHA256

    ec25564bebac2bad4bff8e50ffb2d640a186ddc62f327b60fdbd82e97c622fc1

  • SHA512

    15367c796c3129093055e79fca1c5af43bf287914dcd4efa13d0ab4f8c0866cc7d0eaf2f6eb4502275a86e3ab5f5a36d97f9d3ff76e6ab634950738942cae443

  • SSDEEP

    6144:aGNJdD4C4xkIsmIqLoSj9hXc6+Bl7+sysO+ThbGlN50BdYjFqo:d5a+IsmhoSZG5lysynD50Hbo

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ec25564bebac2bad4bff8e50ffb2d640a186ddc62f327b60fdbd82e97c622fc1.exe
    "C:\Users\Admin\AppData\Local\Temp\ec25564bebac2bad4bff8e50ffb2d640a186ddc62f327b60fdbd82e97c622fc1.exe"
    1⤵
      PID:4272
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4272 -s 708
        2⤵
        • Program crash
        PID:1556
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4272 -ip 4272
      1⤵
        PID:4676

      Network

      MITRE ATT&CK Matrix

      Downloads
