Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/05/2024, 14:32

General

  • Target

    b7dd4fa2a0deaf6b70cea7aaf1292a2e835aef45edb5a190cc515d98cf60a8d9.exe

  • Size

    293KB

  • MD5

    3503d07ffdcbf58c0991a126f62e2c5c

  • SHA1

    3ed929e6f39d6088a58f34f960a7c990b390675a

  • SHA256

    b7dd4fa2a0deaf6b70cea7aaf1292a2e835aef45edb5a190cc515d98cf60a8d9

  • SHA512

    12dd40424a7b70721f7a631220862126a12f5812f95e121eeff76b23b147020a98100cb152082dffb7a68cae5015c5392775264a754b3e6931099beb26c52157

  • SSDEEP

    6144:27wlKAtETWV0M582YRT/9pWIYjkSbGwRm/CN+wbsdSaaO0:iAtETWV7uXpRYjk4BRFNzwdAO0

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b7dd4fa2a0deaf6b70cea7aaf1292a2e835aef45edb5a190cc515d98cf60a8d9.exe
    "C:\Users\Admin\AppData\Local\Temp\b7dd4fa2a0deaf6b70cea7aaf1292a2e835aef45edb5a190cc515d98cf60a8d9.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1208
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1208 -s 92
      2⤵
      • Program crash
      PID:1776

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1208-0-0x00000000013E8000-0x00000000013EA000-memory.dmp

    Filesize

    8KB