Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24-05-2024 17:56
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Insomnia.exe
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
General
-
Target
Insomnia.exe
-
Size
533KB
-
MD5
03a847ab7c37c2afc5153913ff897be3
-
SHA1
e9a9b56bb97a039a6063c7b70d398bf2f0038072
-
SHA256
67fcab0ea895e69d884bf283088d75a4051062b3c5c028325042fe2d13af52d8
-
SHA512
ee7750ce6c2497eced516b094e61ff05497bbefb83efaa6fb172e9e02ccc475ad9fbf0f04009921b9e0db538d7a511c7884174955c207292aae0ccc72e8a8791
-
SSDEEP
12288:RxYEZoQZq11WygpAKRcT3hUVwabQIP+P0Xp:RxY0Zq1KRW3hUuan
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 1912 1152 WerFault.exe Insomnia.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
Insomnia.exedescription pid process target process PID 1152 wrote to memory of 1912 1152 Insomnia.exe WerFault.exe PID 1152 wrote to memory of 1912 1152 Insomnia.exe WerFault.exe PID 1152 wrote to memory of 1912 1152 Insomnia.exe WerFault.exe PID 1152 wrote to memory of 1912 1152 Insomnia.exe WerFault.exe