Overview

overview

3

Static

static

3

c12fd5b14d...dc.exe

windows7-x64

3

c12fd5b14d...dc.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    51s
  • max time network
    52s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/06/2024, 16:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc.exe

  • Size

    121KB

  • MD5

    69f0b43931b55023a0bb436b52d51117

  • SHA1

    c1de5c4bfc4a7395cc55ef13d1b6abbe092848b3

  • SHA256

    c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc

  • SHA512

    6670a9f767d5d1681dfbcef70a2f959b121e0c8e08eeb4dd777c27c02be5d61ee08860f11c009bc3dae8e53c1e8fec0fe36bd66af8b77e03ccbe4d76a2a521fe

  • SSDEEP

    1536:dYX7k0IGhtaVZue5TcoInx6rpK1dKPcbkS8fHVkcoM5Za/IO:dYX78bZQkrpKiP7S+VnoM+QO

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc.exe
    "C:\Users\Admin\AppData\Local\Temp\c12fd5b14dbafda395f41e9df5fc2269a361622cb6d0b714082b6526baac28dc.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:5116
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 5116 -s 668
      2⤵
      • Program crash
      PID:1364
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 364 -p 5116 -ip 5116
    1⤵
      PID:2344

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads