Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system -
submitted
04-06-2024 05:35
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Loader.exe
Resource
win7-20240508-en
windows7-x64
2 signatures
300 seconds
Behavioral task
behavioral2
Sample
Loader.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
12 signatures
300 seconds
General
-
Target
Loader.exe
-
Size
1.4MB
-
MD5
333820706e661defdc1185858d44b5c0
-
SHA1
5da5320fa35e8104d56a792ef72bd390f9bb6acd
-
SHA256
06693efbcf7024eb07f918f0972eecf05d3eefdffc70d6cc24f627a0a1992b29
-
SHA512
7c16d2116ebe9f7eaf847f7f57c28e81fc60ccf4686ddd74bcf93057a6d4b4df80e54d848f1322c084385e6f57da97c5754531c08e2493be1c999353841922c8
-
SSDEEP
24576:mJkC8BOJyvqvKMqnPKixoftztHm1UuPL9R9KWyYyAIZx/o1QN7nOA6oW5gwVdN9P:aKMrNt5HQUuPLL9ryLoe5nOtoWfVZ
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exe
pid    pid_target    process         target process
2972   2176          WerFault.exe    Loader.exe
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
Loader.exe
description                         pid    process       target process
PID 2176 wrote to memory of 2972    2176   Loader.exe    WerFault.exe
PID 2176 wrote to memory of 2972    2176   Loader.exe    WerFault.exe
PID 2176 wrote to memory of 2972    2176   Loader.exe    WerFault.exe
PID 2176 wrote to memory of 2972    2176   Loader.exe    WerFault.exe
Downloads
-
memory/2176-0-0x00000000746DE000-0x00000000746DF000-memory.dmp
Filesize
4KB
-
memory/2176-1-0x0000000000990000-0x0000000000AF6000-memory.dmp
Filesize
1.4MB
-
memory/2176-2-0x00000000746D0000-0x0000000074DBE000-memory.dmp
Filesize
6.9MB
-
memory/2176-3-0x00000000746DE000-0x00000000746DF000-memory.dmp
Filesize
4KB
-
memory/2176-4-0x00000000746D0000-0x0000000074DBE000-memory.dmp
Filesize
6.9MB