Analysis
max time kernel: 120s
max time network: 94s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
submitted: 12/06/2024, 18:18
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
zmxy3ssfz_gr/????3????0.5exe.exe
Resource
win7-20231129-en
8 signatures
150 seconds
Behavioral task
behavioral2
Sample
zmxy3ssfz_gr/????3????0.5exe.exe
Resource
win10v2004-20240611-en
1 signatures
150 seconds
General
Target: zmxy3ssfz_gr/????3????0.5exe.exe
Size: 4.9MB
MD5: 78eb8bd315022a691deb5de0a0668381
SHA1: c84819ef3647df38f7384e87edd176a04142fa1a
SHA256: 88700e2e688a0848d094001311f364c3ac325985dd75c4118f51057a1d1ca776
SHA512: e433d325d0fc11b69e55daa06c1f05449d37fb9fdd96ef50375e446941711526805521a8b95cbfeb59f62772adb5876868d9da1208ad8c3b692a6489fd69c48f
SSDEEP: 98304:7gqQZGSFNs6KFtZDwzcZMgEnoSE5wYqdwkLcHHwjjyb05LAtGig29JBAUZLg:frzqjAT05LVigAJVs
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
pid     pid_target  Process       procid_target
4904    2084        WerFault.exe  80
Processes
C:\Users\Admin\AppData\Local\Temp\zmxy3ssfz_gr\____3____0.5exe.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\zmxy3ssfz_gr\____3____0.5exe.exe"
  PID: 2084
    C:\Windows\SysWOW64\WerFault.exe
      Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2084 -s 576
      Program crash
      PID: 4904
C:\Windows\SysWOW64\WerFault.exe
  Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2084 -ip 2084
  PID: 1608