Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system -
submitted
07-05-2024 14:48
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240419-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240426-en
11 signatures
150 seconds
General
-
Target
file.exe
-
Size
509KB
-
MD5
98b6ec64d37efa2d1b82037c9cd2c51e
-
SHA1
2bd96489914570b2fe8f5b652166ae2584b8f203
-
SHA256
cedb8fc0a286ec44b5d3451f06ee954c1c8cca943981e6f5223bf6916af0fb3b
-
SHA512
87c747ca7377cdd18dd0ace74472950946000b9ef62b279ce41daf040a200893c70ea8e476881542e05a72a89a151d4f7755913a2521f431d2fb79951e57f9d7
-
SSDEEP
12288:nW+60nbnuhQJmv0nBRMGJsk7RRFbo2jnqHS:nWV0n4v0n7MGJX3K8c
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2860 1860 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 1860 wrote to memory of 2860 1860 file.exe WerFault.exe PID 1860 wrote to memory of 2860 1860 file.exe WerFault.exe PID 1860 wrote to memory of 2860 1860 file.exe WerFault.exe PID 1860 wrote to memory of 2860 1860 file.exe WerFault.exe