Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    16-07-2024 14:23

General

  • Target

    839098d2b42765abf8c1066900745e03a0da338c.exe

  • Size

    1.6MB

  • MD5

    58f6371fad0f06a8c78026ca2d44e7ee

  • SHA1

    839098d2b42765abf8c1066900745e03a0da338c

  • SHA256

    42039b6edc8a92257987047991f1c99eac490366de4e22ff5f0c3fd8fa31135a

  • SHA512

    d59565f0cf902ed54d5cacceff3f29ec78f824c792d5ae75677f26efec825187f0b6356b70a3005df9d8015904fb4c8398c8e499659c2168fccd77a976736aaa

  • SSDEEP

    24576:1Hb5Bli50xv2T4EM9X0cjRjFmhco/ZyFvaZjeCi8DI/fdKFZA16GSbxpSA07YN3O:9b5W+uWRhKV4FceCxyKFZo

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\839098d2b42765abf8c1066900745e03a0da338c.exe
    "C:\Users\Admin\AppData\Local\Temp\839098d2b42765abf8c1066900745e03a0da338c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2984 -s 740
      2⤵
      • Program crash
      PID:2680

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2984-0-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

  • memory/2984-1-0x0000000000400000-0x00000000005A4000-memory.dmp

    Filesize

    1.6MB