Analysis
max time kernel: 129s
max time network: 98s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 22-05-2024 22:05
Static task: static1

Behavioral task: behavioral1
Sample: 479bfd79d5de709bb9b6877befa7e8688747814ccdeb25d39eb8888d8daa2392.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 479bfd79d5de709bb9b6877befa7e8688747814ccdeb25d39eb8888d8daa2392.exe
Resource: win10v2004-20240508-en
General
Target: 479bfd79d5de709bb9b6877befa7e8688747814ccdeb25d39eb8888d8daa2392.exe
Size: 14KB
MD5: 1c637e9e74f158a52f48d3b5acc01ae0
SHA1: 08cdd93b743619b334e61a63d6c89be6756d177d
SHA256: 479bfd79d5de709bb9b6877befa7e8688747814ccdeb25d39eb8888d8daa2392
SHA512: 866adb8f7aa2fc936fcb4fe42cf071e88afd323300346c53cb22e7c407e1ec13021556dd3af0b35d110dd736a48c126fa0bd0f2b0f5f1d2a87cd62630884ad8f
SSDEEP: 384:+N+ZDkb6OtACblQatmufeC1RWGYDE045H:+IZIbFGMlQaQufeohiA
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid: 1592, pid_target: 4728, process: WerFault.exe, target process: 479bfd79d5de709bb9b6877befa7e8688747814ccdeb25d39eb8888d8daa2392.exe
Processes
C:\Users\Admin\AppData\Local\Temp\479bfd79d5de709bb9b6877befa7e8688747814ccdeb25d39eb8888d8daa2392.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\479bfd79d5de709bb9b6877befa7e8688747814ccdeb25d39eb8888d8daa2392.exe"
  PID: 4728
  C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 4728 -s 216
    Program crash
    PID: 1592
C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4728 -ip 4728
  PID: 3288