2ec5235af12345ee05668337a7607bcc4b28cf2409d006fbdf749c2ff6275e3b | Triage

Analysis

max time kernel
13s
max time network
18s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
01-10-2024 19:04

Sharing

Report Analysis Logs

General

Target

1_seed-check.exe
Size

2.7MB
MD5

fe8642ef05544492aa7bea74dd228442
SHA1

9cd835042a5feed668604d4f4aca415ff8af9532
SHA256

2ec5235af12345ee05668337a7607bcc4b28cf2409d006fbdf749c2ff6275e3b
SHA512

648155f46994ab9738ab8bcfc49f5bb4db35acde3ecfc324934dac2d4645446d1be04cd39ab014bd9071a8e7ffd38891c225b7330b1c71a702c60f8cb6d6d367
SSDEEP

49152:NPw34yFJzSdhPzD0mOd4606hU6HznKpHaeUGnVn641aibkcrh8A:q9mOd46GHaeUQhVp

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2888 wrote to memory of 2248	2888	1_seed-check.exe	29
PID 2888 wrote to memory of 2248	2888	1_seed-check.exe	29
PID 2888 wrote to memory of 2248	2888	1_seed-check.exe	29

C:\Users\Admin\AppData\Local\Temp\1_seed-check.exe
"C:\Users\Admin\AppData\Local\Temp\1_seed-check.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2888
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2888 -s 28
  2⤵
  PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2888-0-0x000000013F1E0000-0x000000013F496000-memory.dmp

Filesize
2.7MB

Download