Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
29-04-2024 12:58
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
INV0029382.exe
Resource
win7-20240221-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
INV0029382.exe
Resource
win10v2004-20240226-en
5 signatures
150 seconds
General
-
Target
INV0029382.exe
-
Size
997KB
-
MD5
c72150696ac13ac1a2dc8b492c0d5ca3
-
SHA1
ff72cd015ebfe11c15f331122103fb78c5ad118c
-
SHA256
1429363a609282393015df73bb88aea33d19637a0abb82982d1050e56e1b4481
-
SHA512
505dd2c31c2f4e08330239d1a7c4357df8fd1c8aa66a50b5a4e91162b7c800caefb56eef69aa6c66955382a91fcb2997f269eaf280826e647a9491a2f9741c1f
-
SSDEEP
24576:gsP3GbkmtYXd/f9j91ir4hpKyO7YL3qiA8b2ab6WzXQ9DwYE:gf2Xrj9Qru/kaqFabBQ9sb
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
INV0029382.exedescription pid process target process PID 2944 wrote to memory of 272 2944 INV0029382.exe WerFault.exe PID 2944 wrote to memory of 272 2944 INV0029382.exe WerFault.exe PID 2944 wrote to memory of 272 2944 INV0029382.exe WerFault.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2944-0-0x0000000000140000-0x00000000001AC000-memory.dmpFilesize
432KB
-
memory/2944-1-0x000007FEF54B0000-0x000007FEF5E9C000-memory.dmpFilesize
9.9MB
-
memory/2944-2-0x000000001B000000-0x000000001B080000-memory.dmpFilesize
512KB
-
memory/2944-3-0x000007FEF54B0000-0x000007FEF5E9C000-memory.dmpFilesize
9.9MB
-
memory/2944-4-0x000000001B000000-0x000000001B080000-memory.dmpFilesize
512KB