Analysis
max time kernel: 119s
max time network: 119s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 05-07-2024 12:52
Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: creaminstaller.exe
Resource: win7-20240705-en
2 signatures
150 seconds
General
Target: creaminstaller.exe
Size: 517KB
MD5: ff6ebaba7de1e99d37206afc9f9281e7
SHA1: c1f7bfb48bc6ff019ae697a9a724e821cb0b2624
SHA256: 0d58b7e445ac81c5000f1fc82566974158440aeabd57b2b16080659386ea64f8
SHA512: 22dd0ef1411ce92347f0fc055b2f869d33d7f058622228cbca5833b55ce7a3bcf5b3c25ad9cbbe859cb634a0e5bd5c884fc1e96f0f17cad55c2372109094141f
SSDEEP: 12288:KYAHs+2jwV5HLhhzAEeSZ3U7gOsIqvjM8gUnRfYpr0JP/trch:KYpVjUrfAEeSK71sJM8DBzc
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid   pid_target  process       target process
2532  2096        WerFault.exe  creaminstaller.exe

Suspicious use of WriteProcessMemory (4 IoCs)
Processes: creaminstaller.exe
description                       pid   process             target process
PID 2096 wrote to memory of 2532  2096  creaminstaller.exe  WerFault.exe
PID 2096 wrote to memory of 2532  2096  creaminstaller.exe  WerFault.exe
PID 2096 wrote to memory of 2532  2096  creaminstaller.exe  WerFault.exe
PID 2096 wrote to memory of 2532  2096  creaminstaller.exe  WerFault.exe