Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
19-05-2024 17:44
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
installer.exe
Resource
win7-20240221-en
2 signatures
150 seconds
General
-
Target
installer.exe
-
Size
461KB
-
MD5
884f5848d30cf185a5a71d4f8ddbcda2
-
SHA1
a8148b8d3b8ffaa3f4acafe524b2f3bbc8c7c069
-
SHA256
cbd2c1968efc201812143c4d37f51493f5be63865d1a106ecddfe174ff9c4505
-
SHA512
14b3a23a05a37cb75f11ee7edeba27d63c73c9cebbf190c7b38b6dd3f182c60fdb9ee39dbd011b7be79e621674db282cce392ff464e7cdbe7ac4c5db3623b668
-
SSDEEP
12288:HnIIAxNYp+Of87ZO533+zcjg7VYztOXFn:HIIGYpvmKuzb7gen
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exe
pid | pid_target | Process | procid_target
2572 | 2476 | WerFault.exe | 27
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
installer.exe
description | pid | Process | procid_target
PID 2476 wrote to memory of 2572 | 2476 | installer.exe | 29
PID 2476 wrote to memory of 2572 | 2476 | installer.exe | 29
PID 2476 wrote to memory of 2572 | 2476 | installer.exe | 29
PID 2476 wrote to memory of 2572 | 2476 | installer.exe | 29
PID 2476 wrote to memory of 2572 | 2476 | installer.exe | 29
PID 2476 wrote to memory of 2572 | 2476 | installer.exe | 29
PID 2476 wrote to memory of 2572 | 2476 | installer.exe | 29