Overview

overview

3

Static

static

3

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

3

Analysis

  • max time kernel
    195s
  • max time network
    297s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    11-07-2024 22:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad151a7ff1d02e3ff5043b3cc7c85d3e1d7961d012ec0950233f52601e76ff09.exe

  • Size

    1.2MB

  • MD5

    293bdbec6a256c88eb2cfb4e46e892ae

  • SHA1

    885234edc7a3347b49c209569555d9c1083f4f27

  • SHA256

    ad151a7ff1d02e3ff5043b3cc7c85d3e1d7961d012ec0950233f52601e76ff09

  • SHA512

    f0f67ac6be3bb36babd82a53df0b589135a18185b0f18e0ae6d505769046f94bb378bc19da494dc537e6ce1b67997c3c4ddad10a7dddf2cf7fabf769c3d70dd5

  • SSDEEP

    24576:5xIRF9sB8mDluB5N+RcZN69tJq/nTVJdFoa+Se/Z1K+BV4Ztnrm2FsiIRsyHtUoz:5HINUCe5CnrFyNPaugiAUXWeySlD

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ad151a7ff1d02e3ff5043b3cc7c85d3e1d7961d012ec0950233f52601e76ff09.exe
    "C:\Users\Admin\AppData\Local\Temp\ad151a7ff1d02e3ff5043b3cc7c85d3e1d7961d012ec0950233f52601e76ff09.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3288
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3288 -s 988
      2⤵
      • Program crash
      PID:3916
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3288 -s 644
      2⤵
      • Program crash
      PID:4048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3288-0-0x0000000004910000-0x00000000049FA000-memory.dmp

    Filesize

    936KB

    Download

  • memory/3288-1-0x0000000004910000-0x00000000049FA000-memory.dmp

    Filesize

    936KB

    Download