2a8a340fc9c395fe23211ac95d124b64452d49c67b069f53aaf3dbe16e95791d | Triage

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
26-07-2024 07:32

Sharing

Report Analysis Logs

General

Target

responsibilityleadpro.exe
Size

2.5MB
MD5

7ec668c3b4c15673fba630de189fb498
SHA1

374c51e20c296bcf6de38c069617576d947a6044
SHA256

2a8a340fc9c395fe23211ac95d124b64452d49c67b069f53aaf3dbe16e95791d
SHA512

8999cdbd5bd744f5b933e412d98bf190f81a42ce005aa22da66d0007dab781c6d1a70eb70ceadbbf2cdb43e93186e00c751a75eb27701cf46f9c67504dde770a
SSDEEP

49152:RAhSsz4fvLn4bJphafC8WzffFP30EaInD0Qy:U3zffFMEaCD0

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

responsibilityleadpro.exe

description	pid	process	target process
PID 2432 wrote to memory of 3064	2432	responsibilityleadpro.exe	WerFault.exe
PID 2432 wrote to memory of 3064	2432	responsibilityleadpro.exe	WerFault.exe
PID 2432 wrote to memory of 3064	2432	responsibilityleadpro.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\responsibilityleadpro.exe
"C:\Users\Admin\AppData\Local\Temp\responsibilityleadpro.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2432
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2432 -s 140
  2⤵
  PID:3064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads