Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
24-05-2024 15:46
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20231129-en
2 signatures
150 seconds
General
-
Target
file.exe
-
Size
355KB
-
MD5
22152460b13e4c2473dc3fcdea192933
-
SHA1
48ce4a69302e860cd905cd02a10aac942f09d9f3
-
SHA256
51cba9b4aefefaf72a791e1929f98553f50d643a22179a6aaac9d13f45ea8b43
-
SHA512
1dbcc6f21c9adfc4f28434cffac8c00fb251e3fbf574a69345792837989f74bfc74a67462e7c4f71333a07caf90e0f3e6c51daf0b2640bae3e06af14c8855104
-
SSDEEP
6144:KnRqyzZ8VqCaMx3CkcY7FGCdGr0gx1POGIAYanWdHBSxz27XrvnksFwemJ:6RqyzZ2IOGCgfPOGI2nWdhSzUbkReG
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2352 2232 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 2232 wrote to memory of 2352 2232 file.exe WerFault.exe PID 2232 wrote to memory of 2352 2232 file.exe WerFault.exe PID 2232 wrote to memory of 2352 2232 file.exe WerFault.exe PID 2232 wrote to memory of 2352 2232 file.exe WerFault.exe