Analysis
-
max time kernel
146s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20231222-en locale:en-us os:windows10-2004-x64 system -
submitted
07/01/2024, 04:04
Static task
static1
Behavioral task
behavioral1
Sample
47fa121cbaa57c97cba971e812c4e59b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
47fa121cbaa57c97cba971e812c4e59b.exe
Resource
win10v2004-20231222-en
General
-
Target
47fa121cbaa57c97cba971e812c4e59b.exe
-
Size
11.3MB
-
MD5
47fa121cbaa57c97cba971e812c4e59b
-
SHA1
f7bdddbc406eb41bde6963de4da16f351c495102
-
SHA256
78c61d8ff0640fc1d23b5827a795b02f089c0b9d8ab4d5381f7a0f67201540e8
-
SHA512
fc41339b6c768b6e3b87b3740964008d444b9c2c5449a1a5e44bc0c71954dc70de51b2cf85e10ce22d1e963f9a930cb225202d88eecd26e8d7a7449433d36e44
-
SSDEEP
768:tEkYHAFgBB2TgGJu/Cjet/OxJ+oFEZE9eb8m:tbaAFqKu/CjP+oFEW9eb8m
Malware Config
Signatures
-
Drops file in Windows directory 63 IoCs
Program crash 1 IoCs
pid: 4088, pid_target: 4828, Process: WerFault.exe, procid_target: 18
Processes
-
C:\Users\Admin\AppData\Local\Temp\47fa121cbaa57c97cba971e812c4e59b.exe "C:\Users\Admin\AppData\Local\Temp\47fa121cbaa57c97cba971e812c4e59b.exe" 1⤵
- Drops file in Windows directory
PID:4828 -
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 288 2⤵
- Program crash
PID:4088
-
-
C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 4828 -ip 4828 1⤵ PID:1148
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
92KB
MD5 c4688ef4b9ebed13fa347f2806e1baeb
SHA1 8c30a1ad6f57c9fc25fc7a87440317dcde4450e8
SHA256 afa36653bf0e51f06851854e4f54622577b0bdd1ce41f22b84453d885a89de0b
SHA512 ccee3d37cafadfdf271adf3533e8367a3a666020b14fb096bc3ed2184ec912963a6031226f5220a1dd22a95460aabbbc23d39b382c0417c82da8af1e8bdb0975