Overview

overview

10

Static

static

3

220f464b76...f3.exe

windows10-2004-x64

10

2743aa58ac...22.exe

windows7-x64

3

2743aa58ac...22.exe

windows10-2004-x64

10

2ce9158850...93.exe

windows10-2004-x64

10

2d1e7e578c...8f.exe

windows7-x64

3

2d1e7e578c...8f.exe

windows10-2004-x64

10

6a183f77b9...7d.exe

windows10-2004-x64

10

7727481721...74.exe

windows7-x64

3

7727481721...74.exe

windows10-2004-x64

10

951f93d281...f8.exe

windows7-x64

3

951f93d281...f8.exe

windows10-2004-x64

10

9bba18a180...52.exe

windows10-2004-x64

10

a467111c1a...4b.exe

windows10-2004-x64

10

b6b30a924e...0b.exe

windows10-2004-x64

10

bdacff51fa...2b.exe

windows10-2004-x64

10

c37c4fe673...eb.exe

windows10-2004-x64

10

d0f3f32b61...38.exe

windows7-x64

3

d0f3f32b61...38.exe

windows10-2004-x64

10

d353176614...e5.exe

windows10-2004-x64

10

d49811a818...06.exe

windows7-x64

3

d49811a818...06.exe

windows10-2004-x64

10

db044599ba...af.exe

windows7-x64

3

db044599ba...af.exe

windows10-2004-x64

10

e3c9a1721d...3b.exe

windows10-2004-x64

10

ea47879989...93.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    13-05-2024 10:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d0f3f32b61b9e8c20cd73d28b21a5e034041570a81ffd7bddcd760bc2f8a5538.exe

  • Size

    501KB

  • MD5

    481a6a93cdc1991a33aa1619235084ac

  • SHA1

    505d3069c350fdc7750bd23d89985c831bd1c01c

  • SHA256

    d0f3f32b61b9e8c20cd73d28b21a5e034041570a81ffd7bddcd760bc2f8a5538

  • SHA512

    ca08faf83252809be0f8f33343d4ff4e9742d68dcd86e04e2b17eda41ccb245042856dbf73fb1b3742ee27491d9f236d1dbfa91782ead8b09c9dc26f883478fb

  • SSDEEP

    12288:6ZJQdCWme3O0X4aclyuoxVj0RteVtD57qyL98V:CedCWdofyuoxVj0RtqD1Z+

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d0f3f32b61b9e8c20cd73d28b21a5e034041570a81ffd7bddcd760bc2f8a5538.exe
    "C:\Users\Admin\AppData\Local\Temp\d0f3f32b61b9e8c20cd73d28b21a5e034041570a81ffd7bddcd760bc2f8a5538.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:848
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 848 -s 88
      2⤵
      • Program crash
      PID:2068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/848-0-0x0000000000B59000-0x0000000000B5A000-memory.dmp
    Filesize

    4KB

    Download