Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 22-05-2024 19:02
Behavioral task: behavioral1
Sample: 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe
Resource: win7-20240221-en
2 signatures
150 seconds
Behavioral task: behavioral2
Sample: 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe
Resource: win10v2004-20240226-en
1 signatures
150 seconds
General
Target: 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe
Size: 1.1MB
MD5: 4ca9f8f70849c8902ef42964b1ada4b6
SHA1: 840a92050ec646cd4c05ae2546eb6491347df657
SHA256: bc7d80ea2c1da3875c0416bf31fd61d85fce91de42a13fd8ad212aa05b75b28c
SHA512: 6831e52d61499625774c83a015e34cc2eaacaa687940179b0399e6494c2cad70454a665520612424a96e111a9b221b6b02ea3e22af766a38209a5d554d1707a0
SSDEEP: 24576:ZBUIKn/vwOXGUXAjCymYZiVtElVIBT2roqnTSSxWeT/XRPOO865HUq7:F0dwAYZt6C31WeTPRPOh6FUq7
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid | pid_target | process | target process
2348 | 2156 | WerFault.exe | 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe
Suspicious use of WriteProcessMemory (4 IoCs)
Processes: 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe
description | pid | process | target process
PID 2156 wrote to memory of 2348 | 2156 | 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe | WerFault.exe
PID 2156 wrote to memory of 2348 | 2156 | 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe | WerFault.exe
PID 2156 wrote to memory of 2348 | 2156 | 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe | WerFault.exe
PID 2156 wrote to memory of 2348 | 2156 | 202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe | WerFault.exe
Processes
1. C:\Users\Admin\AppData\Local\Temp\202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe
   Command line: "C:\Users\Admin\AppData\Local\Temp\202405224ca9f8f70849c8902ef42964b1ada4b6stop.exe"
   - Suspicious use of WriteProcessMemory
   PID: 2156
   2. C:\Windows\SysWOW64\WerFault.exe
      Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2156 -s 196
      - Program crash
      PID: 2348