Resubmissions

22-08-2024 18:43

240822-xc563asamh 10

21-08-2024 17:16

240821-vtjnaathnq 10

30-06-2024 00:59

240630-bcjr6svbkk 10

20-06-2024 02:02

240620-cf43ysxbnk 10

20-06-2024 01:44

240620-b5v1xawemk 10

19-06-2024 01:10

240619-bjmseavfmp 10

18-06-2024 20:40

240618-zfwsxawdpa 10

18-06-2024 13:45

240618-q2vcjawdle 10

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    18-06-2024 20:40

General

  • Target

    out.exe

  • Size

    51KB

  • MD5

    8f681b52fcfe200d14c81d297a323cf7

  • SHA1

    1375d3c3cb1d2ea8d6f80a2cfe11107d80ad9a34

  • SHA256

    a1c1164f6b43a3592a98b29adc045f9ca37ec0624eb2f2c027bfffe24a4915d1

  • SHA512

    88f936cfc95833017fefa7a342cb9b41ae7ea2e7123f7e8bb4192db53b0b48998421176132a4ead98fbb25d31d0f1ee8e0f7995d14e94ab3e094d4dcceb7ad36

  • SSDEEP

    768:uElAvOs4CTfOgGYdlNGCizSHdq12UMx9s6zAKSXwa/2e:ZlafjVsrODKpKSXN

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\out.exe
    "C:\Users\Admin\AppData\Local\Temp\out.exe"
    • Suspicious use of WriteProcessMemory
    PID:2208
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2208 -s 36
      • Program crash
      PID:1720

Network

MITRE ATT&CK Matrix
