019a90f2cdb054f7302fb40b673d4883a569d43d982d4a710b4942787b8cec0b | Triage

Analysis

max time kernel
18s
max time network
19s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15-10-2024 01:55

Sharing

Report Analysis Logs

General

Target

Encryptor.exe
Size

275KB
MD5

04cd010315e0a958619211a633e5f9c0
SHA1

dcf3f728e40c3f6d6879ea2b1b2f5d2930881a25
SHA256

019a90f2cdb054f7302fb40b673d4883a569d43d982d4a710b4942787b8cec0b
SHA512

716dd7288270fe01a4db89272c99ef1b08584518d74ecb3ff097ed8a25d41e167c5cae28c62a009682c566d7c5e711a09d6457e64e6d515243f6ce15a9cae9b2
SSDEEP

6144:9csCKzugqUYynir0Z4IKlPqa4nEFlatBOALF:OKXqUYyir0Z4fr4EFJ4F

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1904 wrote to memory of 2760	1904	Encryptor.exe	31
PID 1904 wrote to memory of 2760	1904	Encryptor.exe	31
PID 1904 wrote to memory of 2760	1904	Encryptor.exe	31

C:\Users\Admin\AppData\Local\Temp\Encryptor.exe
"C:\Users\Admin\AppData\Local\Temp\Encryptor.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1904
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 1904 -s 348
  2⤵
  PID:2760

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads