Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    29-10-2024 09:40

General

  • Target

    0baacdb18d69e921a3ac39b23a0f55aa02c2d8a2f06d1f2343499c65e8981252N.exe

  • Size

    426KB

  • MD5

    c34450440af105b055fe6b28c6af6e50

  • SHA1

    9062abc3b7b458e52c9e9747730c58764645c399

  • SHA256

    0baacdb18d69e921a3ac39b23a0f55aa02c2d8a2f06d1f2343499c65e8981252

  • SHA512

    8cc73036d8f1517069ab853016a438c0dfb69075562782dac2d00c950846ea42c8160c1d6f375e42952be604557e1ba2708a0409c697e32c115aac92e277b302

  • SSDEEP

    6144:8Z5f30291xuMHlpw9wrvwewMdBtbIbd5xv6P/6CuCNJ0hOYD:8nk291kMHlpw6r4eL3IbxvoyClwzD

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0baacdb18d69e921a3ac39b23a0f55aa02c2d8a2f06d1f2343499c65e8981252N.exe
    "C:\Users\Admin\AppData\Local\Temp\0baacdb18d69e921a3ac39b23a0f55aa02c2d8a2f06d1f2343499c65e8981252N.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1156
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1156 -s 76
      2⤵
        PID:1812

Network

MITRE ATT&CK Matrix