Analysis
max time kernel: 121s
max time network: 123s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
submitted: 22-05-2024 18:39
Behavioral task: behavioral1
Sample: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe
Resource: win7-20240508-en
2 signatures
150 seconds
Behavioral task: behavioral2
Sample: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe
Resource: win10v2004-20240426-en
1 signatures
150 seconds
General
Target: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe
Size: 1.1MB
MD5: 2aef03604ecf32dd71b7a22d28b2319b
SHA1: 045192afa19ad66cbf87bbb462a5527030b9f298
SHA256: 1a36e87d2cdf305417d8a174946832ae3b1f3eb0b0f33cf6780e797b1d61eca1
SHA512: 62b81de0b9674fdf155bdc49aebebc972457584d40c8dd623075d33f387ca1a03c3907952624e8c795510cc66f4871ef892401507c2abe5c721ba1c2a7016405
SSDEEP: 24576:ZBUIKn/vwOXGUXAjCymYZiVtElVIBT2roqnTSSxWeT/LRPOO86/HUq7:F0dwAYZt6C31WeTDRPOh6fUq7
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid: 2360, pid_target: 1960, process: WerFault.exe, target process: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe
Suspicious use of WriteProcessMemory (4 IoCs)
Processes: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe
description: PID 1960 wrote to memory of 2360, pid: 1960, process: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe, target process: WerFault.exe
description: PID 1960 wrote to memory of 2360, pid: 1960, process: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe, target process: WerFault.exe
description: PID 1960 wrote to memory of 2360, pid: 1960, process: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe, target process: WerFault.exe
description: PID 1960 wrote to memory of 2360, pid: 1960, process: 202405222aef03604ecf32dd71b7a22d28b2319bstop.exe, target process: WerFault.exe
Processes
C:\Users\Admin\AppData\Local\Temp\202405222aef03604ecf32dd71b7a22d28b2319bstop.exe
"C:\Users\Admin\AppData\Local\Temp\202405222aef03604ecf32dd71b7a22d28b2319bstop.exe"
- Suspicious use of WriteProcessMemory
PID:1960
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1960 -s 192
- Program crash
PID:2360