Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10-05-2024 14:50

General

  • Target

    7f4e22792482af87ecb52079082a4c33f24544a6b37c4e5da40ac1ac7f9ca3bb.exe

  • Size

    332KB

  • MD5

    d84439daf93489d765085cc2f32f6cc5

  • SHA1

    0590cf46425d0e6872b91aacfa9ee77ba360910e

  • SHA256

    7f4e22792482af87ecb52079082a4c33f24544a6b37c4e5da40ac1ac7f9ca3bb

  • SHA512

    8640f95d913066e653a3014e40dc283667e4b8ab09f8494b87f99371632cb3910e7cda9850c10d974a6ae336e750d68ac0154fe124bd88d2c5bcd1d87dc39c22

  • SSDEEP

    6144:UFpwxf1gbCn4EXza9J+0rrCJJRgyghmqL7D1XkA59Kje+0Xp:UXbbCn4EXzt5oyggqLV0R30Xp

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7f4e22792482af87ecb52079082a4c33f24544a6b37c4e5da40ac1ac7f9ca3bb.exe
    "C:\Users\Admin\AppData\Local\Temp\7f4e22792482af87ecb52079082a4c33f24544a6b37c4e5da40ac1ac7f9ca3bb.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1032
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1032 -s 52
      2⤵
      • Program crash
      PID:3036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1032-1-0x0000000000030000-0x0000000000031000-memory.dmp

    Filesize

    4KB

  • memory/1032-0-0x0000000000030000-0x0000000000031000-memory.dmp

    Filesize

    4KB