4011ef06c8ab767c62a56b8f90bcda475485ef2a4199ea1dae324d13b4ade5d2 | Triage

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 20:36

Sharing

Report Analysis Logs

General

Target

befacajhdg_P.exe
Size

674KB
MD5

fa589ac7920c04eff43238d6cd6068ec
SHA1

3a3896dbf780c8af638d2fb47b8c6f6d877b293c
SHA256

e150aac75f5a442eefca075cc815e7baa1ade1a4559834e0f643ccc6baceda1f
SHA512

b251f959de836c768b7eb35c5f5d7128bd490015da09039f2131fda73b343aa0b586a6f97cd622bf9f57627987c21661b619087b89ccf3c4c5e88add3f5be0be
SSDEEP

12288:LD5tyzPh2XsEQRU+Rknn00fkgb8vLKC4JJxkyIkJyWAhvEH:LlfXrQKP00sgYt4JJxkmYw

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

3040 1920 WerFault.exe befacajhdg_P.exe

C:\Users\Admin\AppData\Local\Temp\befacajhdg_P.exe
"C:\Users\Admin\AppData\Local\Temp\befacajhdg_P.exe"
1⤵
PID:1920

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1920 -s 228
2⤵
- Program crash
PID:3040

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 1920 -ip 1920
1⤵
PID:212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...