General
-
Target
WerMgr.exe
-
Size
191KB
-
Sample
220419-vmdtfsehcp
-
MD5
84334d3ff61437deeb3a4a22a22a6929
-
SHA1
d88cd0f46e8f02e65b04f0a81b169bf9f8b7dedc
-
SHA256
f9830090b4f92cddd5fcfc37eb596fb883bfd69ba854153c2e3c7d08e09c5f1e
-
SHA512
7b7613266c6996174d244b8512e98719b7f705b0e9e61236e54f8e01de7d3144455ad3ea5a45747381a7d5b3005bf93017fad4b3cf1699da3adf4fa6f3b60cd4
Static task
static1
Behavioral task
behavioral1
Sample
WerMgr.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
WerMgr.exe
-
Size
191KB
-
MD5
84334d3ff61437deeb3a4a22a22a6929
-
SHA1
d88cd0f46e8f02e65b04f0a81b169bf9f8b7dedc
-
SHA256
f9830090b4f92cddd5fcfc37eb596fb883bfd69ba854153c2e3c7d08e09c5f1e
-
SHA512
7b7613266c6996174d244b8512e98719b7f705b0e9e61236e54f8e01de7d3144455ad3ea5a45747381a7d5b3005bf93017fad4b3cf1699da3adf4fa6f3b60cd4
-
Arcane log file
Detects a log file produced by the Arcane Stealer.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-