Overview

overview

10

Static

static

3

file.exe

windows7-x64

3

file.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    15-06-2024 16:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    file.exe

  • Size

    412KB

  • MD5

    199b3fac9ac583cee18d6967a14ad6f4

  • SHA1

    71875ea5dbd2ed7e16b34476e1f05fcbe164603d

  • SHA256

    48bc1d427c46a8e213d03ce347162f3fd2076766ddff3e70bd52b95f967e8e49

  • SHA512

    b00cd6e4fa3764c0a7a9a3c1f2648a49f6281979f7f574fa7639d721c11aa0e8fc2ab0f1d29070bee5f4db20f92bf78104bf0b05bfe6fde2db501e36816bb488

  • SSDEEP

    6144:z2DUGv8rrPDXLU7nUp57KPBOgssDeKBQhkldbUu+fVDF9w9fdtE/fEwqGS:z2xv8rjDT7cWsDVQhkldbEo9VYRS

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 48
      2⤵
      • Program crash
      PID:2188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2220-0-0x0000000000020000-0x0000000000021000-memory.dmp
    Filesize

    4KB

    Download