Analysis
-
max time kernel
113s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20240704-en -
resource tags
-
submitted
06-07-2024 16:36
General
-
Target
31581a6f5822cd65e3e22571292e3617b86fe76d87d301f8d9aa1d7f87495dc8.exe
-
Size
452KB
-
MD5
2498a8b0f3bb1595a145448f21ac5928
-
SHA1
b64707a9cbffe894359fd50af9502625fbe73c29
-
SHA256
31581a6f5822cd65e3e22571292e3617b86fe76d87d301f8d9aa1d7f87495dc8
-
SHA512
af35dfca7a1c87fa1a116e38f01f52ff4562c75abe358ef777ca6ec4f296a7ef6a2c1dc32c020bc7cabdce7997d4de751f1a5baeae91e46663f87876fbe82ff4
-
SSDEEP
6144:eSiZdIUHgezH20Dc9tjZY5vJ9hdePJmy8gwOiSTEbU9MCKmhDrjPJEO/YhbTzCwm:9IgezJU3qx9fefmfWErdmhzPJzY6
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Checks processor information in registry 2 TTPs 4 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\31581a6f5822cd65e3e22571292e3617b86fe76d87d301f8d9aa1d7f87495dc8.exe"C:\Users\Admin\AppData\Local\Temp\31581a6f5822cd65e3e22571292e3617b86fe76d87d301f8d9aa1d7f87495dc8.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3460 -s 4482⤵
- Program crash
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4160,i,18267267250369716772,14567143188126594249,262144 --variations-seed-version --mojo-platform-channel-handle=4320 /prefetch:81⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 364 -p 3460 -ip 34601⤵
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe"2⤵
- Checks processor information in registry
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4168.0.1500094590\627744758" -parentBuildID 20230214051806 -prefsHandle 1760 -prefMapHandle 1752 -prefsLen 22076 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {62d7c816-4fb9-430a-912b-bb65740edb23} 4168 "\\.\pipe\gecko-crash-server-pipe.4168" 1840 1bea031c058 gpu3⤵
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4168.1.1685913439\896189771" -parentBuildID 20230214051806 -prefsHandle 2392 -prefMapHandle 2388 -prefsLen 22112 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4f551be1-4601-4b6d-80ab-685335a440a1} 4168 "\\.\pipe\gecko-crash-server-pipe.4168" 2404 1be93684a58 socket3⤵
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4168.2.1064450847\531041972" -childID 1 -isForBrowser -prefsHandle 2772 -prefMapHandle 3032 -prefsLen 22150 -prefMapSize 235121 -jsInitHandle 976 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {826858a9-6757-403e-ae4a-e0cc3b8539e5} 4168 "\\.\pipe\gecko-crash-server-pipe.4168" 3268 1be9f397158 tab3⤵
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
368KB