Analysis
max time kernel
3s
max time network
1s
platform
windows7_x64
resource
win7-20240221-en
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted
25-05-2024 14:25
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240221-en
2 signatures
150 seconds
General
Target
Setup.exe
Size
457KB
MD5
ee80b9f0a83d2da66013b0bb69964171
SHA1
047e1549b4e9c8a3de441297bdc2656b1430a64c
SHA256
bbd4ebadb6cf95a4eca65d3c77a250c88d54c31ce76ae11b7fa3fb13d1c4588a
SHA512
7eaeb5c1c2efc57f42ef1da91ac836fdf2316cd2cd32626a8b7178b4e1cca81ef6f38e8775260f836f1c06033fbc3b29688886574aa7e9035f96d2bb8e295008
SSDEEP
6144:P0KBmV04bcIGQ43L6kHUuXfwL//Vpbaq5G8QVmtGBdFzOMgdHyCwykoc4oSrSy5B:MKBmV00f7Vf6QM2SCCaomh5QIde
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes:
WerFault.exe
pid | pid_target | process | target process
3012 | 2348 | WerFault.exe | Setup.exe
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
Setup.exe
description | pid | process | target process
PID 2348 wrote to memory of 3012 | 2348 | Setup.exe | WerFault.exe
PID 2348 wrote to memory of 3012 | 2348 | Setup.exe | WerFault.exe
PID 2348 wrote to memory of 3012 | 2348 | Setup.exe | WerFault.exe
PID 2348 wrote to memory of 3012 | 2348 | Setup.exe | WerFault.exe
PID 2348 wrote to memory of 3012 | 2348 | Setup.exe | WerFault.exe
PID 2348 wrote to memory of 3012 | 2348 | Setup.exe | WerFault.exe
PID 2348 wrote to memory of 3012 | 2348 | Setup.exe | WerFault.exe