Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
22-05-2024 20:31
General
-
Target
3899bba945b0ce6429df831e5ba8fbc4f5ecb4576cb0a85fee01a60bd29b5634.exe
-
Size
103KB
-
MD5
358820725b18444fcf5d3521aa04cf70
-
SHA1
b69191d71836aa433f63d26556882deb5be72d13
-
SHA256
3899bba945b0ce6429df831e5ba8fbc4f5ecb4576cb0a85fee01a60bd29b5634
-
SHA512
1a13147872ba2e9a3915bdf30d1f646fbcc221673b7b2ceb2edb8749110bbeb22dcce284d33d6ce67bde7554c78af994f9edfdd480c0211fc2f674bc8e870e51
-
SSDEEP
1536:VypIGWGpQumiEgC9961zYyhxysVeBc58bDECC2JfpLMR:VypXXpBmfgWBc58bDQ27MR
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Windows\system32\regsvr32.exeregsvr32 /s C:\Users\Admin\AppData\Local\Temp\3899bba945b0ce6429df831e5ba8fbc4f5ecb4576cb0a85fee01a60bd29b5634.exe1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\regsvr32.exe/s C:\Users\Admin\AppData\Local\Temp\3899bba945b0ce6429df831e5ba8fbc4f5ecb4576cb0a85fee01a60bd29b5634.exe2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1588 -s 2923⤵
- Program crash