Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11-07-2024 03:56

General

  • Target

    4502d00753405a4dda90486c8ba9a373fb9f08eef7bfc8a5cce63c2219a115fd.exe

  • Size

    530KB

  • MD5

    f86ed3870e7bdff3fbf304b69cff14a3

  • SHA1

    96b60aa50afb2efedb87d4d344a052e85215941d

  • SHA256

    4502d00753405a4dda90486c8ba9a373fb9f08eef7bfc8a5cce63c2219a115fd

  • SHA512

    e9c1352d954dbc90cc9ad082acd2d6148580c6c97c339d0c9adc2ce34ca84c44b1b1c6c9a3f81af570615423227f9ca3d8938d1a3ec24ce8c39095abf5e51168

  • SSDEEP

    12288:/RyWcpG0Sv9+XyyqxhzjnSnWfSkOOEwMErCjRq3rR:/+pG06AuhYGdo07

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4502d00753405a4dda90486c8ba9a373fb9f08eef7bfc8a5cce63c2219a115fd.exe
    "C:\Users\Admin\AppData\Local\Temp\4502d00753405a4dda90486c8ba9a373fb9f08eef7bfc8a5cce63c2219a115fd.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3052 -s 112
      2⤵
      • Program crash
      PID:2684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3052-0-0x0000000000090000-0x0000000000091000-memory.dmp

    Filesize

    4KB