Analysis
max time kernel: 62s
max time network: 16s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 06-07-2024 14:49
Static task
static1: 1 signature
Behavioral task
behavioral1: Sample Exploit-Injector.exe, Resource win7-20240220-en, 2 signatures, 150 seconds
General
Target: Exploit-Injector.exe
Size: 520KB
MD5: e33e20692925c5e5750ee568c620c2f6
SHA1: 1dfe2a0b5889d9265032688c415abaf250799e0c
SHA256: cfa7563cdcd5e5bb1dab0adbd99c6c485fb980733eecf5138eee937205cd3d6d
SHA512: b034cd073d45c07e19a04c1f979a3d4f9cff2f9e3b6e55ebe3bbda0aa0937719ce99a7586fa4a2c7a954e3c6cf89115596d059317b489b17fd14804e607915f1
SSDEEP: 12288:m1JA1iVEq5ppEZSBTJAuuC0KFhEhhdkNav2DQhy:m1eoVT7EMXJM6M
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
Processes: WerFault.exe
pid | pid_target | process | target process
2912 | 2064 | WerFault.exe | Exploit-Injector.exe

Suspicious use of WriteProcessMemory (4 IoCs)
Processes: Exploit-Injector.exe
description | pid | process | target process
PID 2064 wrote to memory of 2912 | 2064 | Exploit-Injector.exe | WerFault.exe
PID 2064 wrote to memory of 2912 | 2064 | Exploit-Injector.exe | WerFault.exe
PID 2064 wrote to memory of 2912 | 2064 | Exploit-Injector.exe | WerFault.exe
PID 2064 wrote to memory of 2912 | 2064 | Exploit-Injector.exe | WerFault.exe