Overview

overview

3

Static

static

3

Asunto_Pro...2..exe

windows10-2004-x64

3

Asunto_Pro...2..exe

windows10-1703-x64

3

Asunto_Pro...2..exe

windows7-x64

3

Asunto_Pro...2..exe

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-es
  • resource tags

    arch:x64arch:x86image:win7-20240508-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    03/07/2024, 03:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Asunto_Procesado_N°_428428842..exe

  • Size

    1.2MB

  • MD5

    cd4e16da6c24dba6b5015281aaeb469a

  • SHA1

    41a2aa79272fd529ffc92b47e817bd0a1e979af0

  • SHA256

    c8d0bbcfda19f38c51dd772e5457b60ff59eb028799dca1fe4ce5d72b281b452

  • SHA512

    516096076cfb4e793e2cf93f668cded5110af93fa889e616e97f79bf583ecced5dd900eb31967ebb4b199b8a2d39cf5fec83804d268a7970d5296f5b683a8a0e

  • SSDEEP

    24576:5zDqsj8HSowAyrTVE3U5FjyTG1NAQ82MfgQEbSmMXixypY:5zDqswSZrEUPPqMMjEzk+

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Asunto_Procesado_N°_428428842..exe
    "C:\Users\Admin\AppData\Local\Temp\Asunto_Procesado_N°_428428842..exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1540
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1540 -s 168
      2⤵
      • Program crash
      PID:2124
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2680

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1540-0-0x0000000000400000-0x0000000000545000-memory.dmp

      Filesize

      1.3MB

      Download