Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-05-2024 15:42
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
11 signatures
150 seconds
General
-
Target
file.exe
-
Size
459KB
-
MD5
d816aec818e5be0a3b7af1aea4bca1d8
-
SHA1
39f33d063ce0dfb00ca28f591463b497448ef4a7
-
SHA256
6eb4bcd1025074e900c1d7d545f62ae9d92ba787f229b51a628ba941d708dea2
-
SHA512
ffd4d24764a92f63862f0bd2951ae951b6ec8938851de223c89ec3b9a9cb36b6381932b274e4336f6b4a4b23a2e7d1539c65d1cd52f8443b6edf7287f292f842
-
SSDEEP
12288:CKx2l/UOb3qihVErZBo+MV/73TXJELUve:W/L3qihVEVBzMRDXXm
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 1508 2236 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 2236 wrote to memory of 1508 2236 file.exe WerFault.exe PID 2236 wrote to memory of 1508 2236 file.exe WerFault.exe PID 2236 wrote to memory of 1508 2236 file.exe WerFault.exe PID 2236 wrote to memory of 1508 2236 file.exe WerFault.exe