Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
03-07-2024 16:36
Behavioral task
behavioral1
Sample
CloudSecurity.exe
Resource
win7-20240221-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
CloudSecurity.exe
Resource
win10v2004-20240611-en
1 signatures
150 seconds
General
-
Target
CloudSecurity.exe
-
Size
669KB
-
MD5
739b068cdf1a095562cc18fedf520c5e
-
SHA1
3d26ea9d884ef8ec30d1373ab388d28f2b94f1d3
-
SHA256
abcac2031965695b7b513f4fecb8909a4137f035452daea19af090c25cb29954
-
SHA512
62cec4e4765cd0e3b59f1e438da34b6acdef29b4d32eaba7ea76a6b67ec5d630e2d23ad6876cb12fdbd285cc53a05f5a38145800a062e79f65424b5fb076e1c5
-
SSDEEP
6144:xwrGnfIRzRSPpwMHjH4ZGL3O0b83ii96AMaJB8udk4+xZRtiKzvzaOLVYd:xAGwtRSPuMHjH0GL3OB3x6Faa6d
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
CloudSecurity.exedescription pid process target process PID 2112 wrote to memory of 2240 2112 CloudSecurity.exe WerFault.exe PID 2112 wrote to memory of 2240 2112 CloudSecurity.exe WerFault.exe PID 2112 wrote to memory of 2240 2112 CloudSecurity.exe WerFault.exe