Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
22-05-2024 15:04
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240426-en
6 signatures
150 seconds
General
-
Target
file.exe
-
Size
459KB
-
MD5
fdc69e7726f37315f2f576a3ca749c48
-
SHA1
44cb651c3be86b959e4e630e741189ad2c945c44
-
SHA256
1692db4e522605d93551ddcabeffa92a2cd43e764a134833644808319784b955
-
SHA512
de974aa0e7cb1393eefacbd90a87f2283af59004de217283b9dbba2c338935aa013ba738065747d2491248ca3d781ee7ede0044082a58da3fa21989e3431dc2f
-
SSDEEP
12288:REY+q1cYutAScujVzQ/B02L4dj5w2TUTup:W6ScuJzI028dNNUKp
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2476 1368 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 1368 wrote to memory of 2476 1368 file.exe WerFault.exe PID 1368 wrote to memory of 2476 1368 file.exe WerFault.exe PID 1368 wrote to memory of 2476 1368 file.exe WerFault.exe PID 1368 wrote to memory of 2476 1368 file.exe WerFault.exe