Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

6

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    03-07-2024 08:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e.exe

  • Size

    564KB

  • MD5

    da4b6f39fc024d2383d4bfe7f67f1ee1

  • SHA1

    7cc975d9ff785e269163897907d0b9b3cee29956

  • SHA256

    544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e

  • SHA512

    d73cc4d911d9e61711b97cb9212d5bc93cb1b1314a39945934eb92239a31728fcca7fefbec0143bad915b0a7a6b93df11d0ab7f559737aa7ec920bd24243fffe

  • SSDEEP

    12288:No4ykJuqlLJop9G3/AmAGWn7sfPJYQIMt8KHsTH:NoBsLaDKAmAbUJ+M2K2

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e.exe
    "C:\Users\Admin\AppData\Local\Temp\544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e.exe"
    1⤵
      PID:4260
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4260 -s 1260
        2⤵
        • Program crash
        PID:4344
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4260 -ip 4260
      1⤵
        PID:4672

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4260-0-0x0000000077224000-0x0000000077225000-memory.dmp

        Filesize

        4KB

        Download