Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
08-05-2024 13:58
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240508-en
11 signatures
150 seconds
General
-
Target
file.exe
-
Size
462KB
-
MD5
b1910535419200a891f5c2a827d7b4e0
-
SHA1
7c6b9a90802e3b5897c2fc6a70ebdb6de93548c6
-
SHA256
cb7f2dbecd68994f85137528ce2fc68f43f491c99ea7c231247b76e8b0e7b0ba
-
SHA512
0ec4ff629358bdf79ee029ffc21b0093fa07f09c8a43f5d45dc0aeb4a960f87c3fc731b155a6032f2d2b7a1890fa7632f30fcede40e9d79a8f35e33442dca1b5
-
SSDEEP
12288:S3/SNRR4lpxJLeURhAYmVYujbsqboi3VfygKU:S63Glp7Lj3Bujbsq1+
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2172 3000 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 3000 wrote to memory of 2172 3000 file.exe WerFault.exe PID 3000 wrote to memory of 2172 3000 file.exe WerFault.exe PID 3000 wrote to memory of 2172 3000 file.exe WerFault.exe PID 3000 wrote to memory of 2172 3000 file.exe WerFault.exe