Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
03-06-2024 09:16
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20240220-en
2 signatures
150 seconds
General
-
Target
file.exe
-
Size
407KB
-
MD5
8f36720e87f9d5f3515afbe099b0e457
-
SHA1
e404cf4fb5ad9d9bff8bd5c8d343a60df27161d8
-
SHA256
7d740bcc6e1ebdf1ec1a25242db7ab2aabbfa568394f0775287e28f69d526877
-
SHA512
05e46480bf2a4e788b21a5209e9400eb73656b8bb6d716af981f36fd05a7c6142c4cfdefa9dee01098c7b2621e6ccf63c331a2ad27fcf9bcea1f45faeb133a25
-
SSDEEP
6144:+EotgE1A4rFmd7Ta1SkmkwMZCKmLuKtuMfDFrbWWxhg8ZkriwCEvMzZwb0LlmwrW:+fNUd7Ta1DTn+ttfdpbZwGCb0QMqES
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2268 2868 WerFault.exe file.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
file.exedescription pid process target process PID 2868 wrote to memory of 2268 2868 file.exe WerFault.exe PID 2868 wrote to memory of 2268 2868 file.exe WerFault.exe PID 2868 wrote to memory of 2268 2868 file.exe WerFault.exe PID 2868 wrote to memory of 2268 2868 file.exe WerFault.exe