Overview
overview
10Static
static
300dc3a43dd...78.exe
windows10-2004-x64
101b26ae68f4...45.exe
windows10-2004-x64
10277f52adcf...94.exe
windows10-2004-x64
1032df5b0360...59.exe
windows10-2004-x64
103d03f2fde9...00.exe
windows10-2004-x64
1050be51fdd5...4b.exe
windows10-2004-x64
1053b6f1fa7f...02.exe
windows7-x64
1053b6f1fa7f...02.exe
windows10-2004-x64
106286d393c9...52.exe
windows7-x64
36286d393c9...52.exe
windows10-2004-x64
106547f1c95b...de.exe
windows10-2004-x64
106c066f3c43...19.exe
windows10-2004-x64
106fca9c5ffc...25.exe
windows10-2004-x64
109a3f5d3f84...b2.exe
windows10-2004-x64
10ae66f2f071...07.exe
windows10-2004-x64
10b11b1b57a3...06.exe
windows10-2004-x64
10b7da28873d...d0.exe
windows10-2004-x64
10d49a64853d...65.exe
windows7-x64
3d49a64853d...65.exe
windows10-2004-x64
10d599ef82af...3c.exe
windows10-2004-x64
10d7873c75af...a3.exe
windows10-2004-x64
10db2419395b...f8.exe
windows10-2004-x64
10e7b8d2cb79...0b.exe
windows10-2004-x64
10Analysis
-
max time kernel
118s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
09-05-2024 17:56
Static task
static1
Behavioral task
behavioral1
Sample
00dc3a43dda255a61bd370ebbf0fc0431112da3c176a205489b4a2113c396878.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
1b26ae68f4d9a6a0bfd1a8c92489c6dcdb1a4e6ca483442c2b307329cdfb9345.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
277f52adcffdae3b95ac4c1b928de6c4a507600023471054f5c9d34f3b852f94.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral4
Sample
32df5b0360337fb2cb7c64f82fa3d8fde28ff3c1028c424475918553f0dae959.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
3d03f2fde9b9bf8b3069d0b3bdf2625973d4f23daa92673be4185d9c0d5f2500.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral6
Sample
50be51fdd59dbf4ac078600bca6c8481f0e5baf0010085e6e0ce8d763e87da4b.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
53b6f1fa7f2466210d99ea5bba427014f08b5656339d05d1dc0d120b7c6a3b02.exe
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
53b6f1fa7f2466210d99ea5bba427014f08b5656339d05d1dc0d120b7c6a3b02.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
6547f1c95bc0b060cd5e5f6b8e5e968b730cd21f758f6dd5371e802b13a5a1de.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral12
Sample
6c066f3c43054e87d83f1b9983162f080d1fb4f01c5d81ac389dad5406dc5119.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
6fca9c5ffc57888f92c438ff3dd7d9247b7f7e696e9a6b1b63c3aa2a801b0625.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral14
Sample
9a3f5d3f84858840f8bdd8879b66a6c1ccb772e507f7f09dfe1c5a88e2d33db2.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
ae66f2f0715075257fd7cda872646950fd845087e7735d1171fc72267d7c4707.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral16
Sample
b11b1b57a3bb5f7ea58bd5b191ab3813432fcc41e7f4e321fa61b848d8c86606.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
b7da28873d43a4b6acac44b82b109a2489323a219d2cece98db41b834a2f30d0.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral18
Sample
d49a64853d7fdb5d663df0941d5488cd6e080c07ea46f31a0326e2e0ab34f765.exe
Resource
win7-20240220-en
Behavioral task
behavioral19
Sample
d49a64853d7fdb5d663df0941d5488cd6e080c07ea46f31a0326e2e0ab34f765.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral20
Sample
d599ef82af0badf49dd8c6cc5d7bad517685798e47a31291d482c5768dae4e3c.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral21
Sample
d7873c75af8bf0f44eedb5171fcab5b70d157578f4a43aff8aaadb23058cb1a3.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral22
Sample
db2419395b2091b54fbda644944d811a11fcb035dba5ab2e6d4b5ee327abbdf8.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
e7b8d2cb79d76cc4434f9525644c524179ad84cea43f8c12ee7ad387710dfc0b.exe
Resource
win10v2004-20240226-en
General
-
Target
6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe
-
Size
315KB
-
MD5
bf89c72f6388b3884699e8081c8314c4
-
SHA1
587f7e952669cc84756181deff315132cba078d4
-
SHA256
6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652
-
SHA512
fa90330bb2e3a16579de6ae76bda2371b7e18e246ebcaa7432d010f2743e944bbf5e494941bb2d3192cc4816fa97e64cefe31f61817cd6cf18b38e9cc81b02ce
-
SSDEEP
6144:pR99pI60nbM8uPZy3+8KIDP3uSEykJUxDyvPH3ef5AvnKXHS:pr9+60nbnuY3PEykJ2M3ehAsHS
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 1896 2072 WerFault.exe 27 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2072 wrote to memory of 1896 2072 6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe 29 PID 2072 wrote to memory of 1896 2072 6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe 29 PID 2072 wrote to memory of 1896 2072 6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe 29 PID 2072 wrote to memory of 1896 2072 6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe 29
Processes
-
C:\Users\Admin\AppData\Local\Temp\6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe"C:\Users\Admin\AppData\Local\Temp\6286d393c93044fd5b8363ccad5324fadfde3e3d9b340ec908941eab3fe90652.exe"1⤵
- Suspicious use of WriteProcessMemory
PID:2072 -
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2072 -s 362⤵
- Program crash
PID:1896
-