Analysis
- max time kernel: 150s
- max time network: 150s
- platform: windows10-2004_x64
- resource: win10v2004-20240709-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 13-07-2024 23:05
Behavioral task: behavioral1
- Sample: ups.exe
- Resource: win7-20240705-en
- 4 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: ups.exe
- Resource: win10v2004-20240709-en
- 4 signatures
- 150 seconds
Behavioral task: behavioral3
- Sample: out.exe
- Resource: win7-20240704-en
- 2 signatures
- 150 seconds
Behavioral task: behavioral4
- Sample: out.exe
- Resource: win10v2004-20240709-en
- 1 signatures
- 150 seconds
General
- Target: out.exe
- Size: 430KB
- MD5: 7d993afded5cf356d146c89116853604
- SHA1: ffd0fd025b9fe9bdd1105e62b1b78948bf55bbb2
- SHA256: 577ff7414a9ea28db137d460a0c602b612afbbd3f1691e58756542ab8b4044ea
- SHA512: 4a451f4cb65fcd59fa4ec60b397d3e1871198169f88d124cbc249d74dfea4031f42996e5f870ecc4b82ca5e368c8922b9488a34c481c1aa8b2c798d4f09b9c7b
- SSDEEP: 6144:ZCJBSkHyP4DivRrO+d3cyU6320ho4nbJAj0N91EU7ZUFbz68AO2wjXH7X:ZCJB/RuFhU6ho0ej0N91HFAAw77
Score
3/10
Malware Config
Signatures
- Program crash (1 IoCs)
  Processes: WerFault.exe
  pid: 4428, pid_target: 5052, process: WerFault.exe, target process: out.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\out.exe
  "C:\Users\Admin\AppData\Local\Temp\out.exe"
  PID: 5052
  - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 5052 -s 224
    - Program crash
    PID: 4428
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 5052 -ip 5052
  PID: 5084