Analysis
-
max time kernel
15s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system -
submitted
18-05-2024 05:00
Behavioral task
behavioral1
Sample
download.exe
Resource
win7-20231129-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
download.exe
Resource
win10v2004-20240226-en
0 signatures
150 seconds
General
-
Target
download.exe
-
Size
4KB
-
MD5
5b71d7d459d3326c56f51b87b26a566f
-
SHA1
f8fd9d1727120c651fa6b1b00f15741a8985568c
-
SHA256
d83084e5a229b51008a4af6c8cf1fbb3b61cc083b1f06f6da823dc5afe8fef47
-
SHA512
7299a2d4ed60c17001eb2b7d3581fda2b5783b9e4a755935470ddb9a86fab2d7804ab4b62d7d8e771123715a172e46cb1c6e2867e39558d8b648f801b7d8ffae
-
SSDEEP
48:6uZeis1dklrVe/nbE/AQX2izgruwCjZ8qyWiIqUXO9qK0AW0Xq:/U1deReKAi2ggr8jZ3HHv
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exe
pid | pid_target | process | target process
1704 | 2896 | WerFault.exe | download.exe
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
download.exe
description | pid | process | target process
PID 2896 wrote to memory of 1704 | 2896 | download.exe | WerFault.exe
PID 2896 wrote to memory of 1704 | 2896 | download.exe | WerFault.exe
PID 2896 wrote to memory of 1704 | 2896 | download.exe | WerFault.exe
PID 2896 wrote to memory of 1704 | 2896 | download.exe | WerFault.exe