Overview

overview

3

Static

static

3

c12fd5b14d...dc.exe

windows7-x64

3

c12fd5b14d...dc.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    10-06-2024 16:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc.exe

  • Size

    121KB

  • MD5

    69f0b43931b55023a0bb436b52d51117

  • SHA1

    c1de5c4bfc4a7395cc55ef13d1b6abbe092848b3

  • SHA256

    c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc

  • SHA512

    6670a9f767d5d1681dfbcef70a2f959b121e0c8e08eeb4dd777c27c02be5d61ee08860f11c009bc3dae8e53c1e8fec0fe36bd66af8b77e03ccbe4d76a2a521fe

  • SSDEEP

    1536:dYX7k0IGhtaVZue5TcoInx6rpK1dKPcbkS8fHVkcoM5Za/IO:dYX78bZQkrpKiP7S+VnoM+QO

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc.exe
    "C:\Users\Admin\AppData\Local\Temp\c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2432 -s 268
      2⤵
      • Program crash
      PID:2488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads