Analysis
max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240705-en
resource tags
arch:x64 arch:x86 image:win7-20240705-en locale:en-us os:windows7-x64 system
submitted
05-07-2024 19:49
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20240705-en
2 signatures
150 seconds
General
Target
Setup.exe
Size
531KB
MD5
b1479bd80cbfea3cb5db91c52bba0615
SHA1
5669b797bd023efbc6f1e6823a9b1b98f4031ad3
SHA256
1dda11a1f85b968ac0cf7b71f31956839690a7134069fe6073062021d53b5023
SHA512
3bd87b7deb5cad4f4a89ea366ce6f8c23eb5a5d2f0c079c1d97b9d3a5b98e83e5396f0af1b3cd435fb75d195284856369e7811e5462a2b8f1bc9b55ec7b86f61
SSDEEP
12288:+egSWmZ6T5wsKyrrSJSPu4sVDOcotJTGX9w32tsh:+ejFZgtESPuFaU9wGts
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
Processes:
WerFault.exe
pid   pid_target  process       target process
2668  2156        WerFault.exe  Setup.exe
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
Setup.exe
description                      pid   process    target process
PID 2156 wrote to memory of 2668  2156  Setup.exe  WerFault.exe
PID 2156 wrote to memory of 2668  2156  Setup.exe  WerFault.exe
PID 2156 wrote to memory of 2668  2156  Setup.exe  WerFault.exe
PID 2156 wrote to memory of 2668  2156  Setup.exe  WerFault.exe