Analysis
max time kernel: 118s
max time network: 118s
platform: windows7_x64
resource: win7-20240419-en
resource tags: arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
submitted: 10-05-2024 17:05
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240419-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240508-en
11 signatures
150 seconds
General
Target: file.exe
Size: 402KB
MD5: f02798ba573318a4ba1bb6e39c45ad5c
SHA1: 9b81fd616e27b9aeca4a5a42775df026da28f557
SHA256: 2b9fa60df2621c7cd698d7d11007f8a04cb6586f495b58f4fd8cc5de5b04f826
SHA512: de15b3b67063359bad041e87e1f16029775ca16d2199b2284f3b3039c11f704f208fc994f1383aa7704a7c01544e87aba7c796c407c40c8281ebd607212f2385
SSDEEP: 6144:dzOa82gO92tYhBOl+vCit0Y0d0ggOl3yinIvSC9dRuJSo+2Aymo/un7pespk:daaR9wYhYiCDQKIvZ1uJSo+jjoS8spk
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes: WerFault.exe
pid | pid_target | process | target process
2056 | 1008 | WerFault.exe | file.exe
Suspicious use of WriteProcessMemory 4 IoCs
Processes: file.exe
description | pid | process | target process
PID 1008 wrote to memory of 2056 | 1008 | file.exe | WerFault.exe
PID 1008 wrote to memory of 2056 | 1008 | file.exe | WerFault.exe
PID 1008 wrote to memory of 2056 | 1008 | file.exe | WerFault.exe
PID 1008 wrote to memory of 2056 | 1008 | file.exe | WerFault.exe