Overview

overview

3

Static

static

3

ADCollector.exe

windows7-x64

3

ADCollector.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    117s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/02/2024, 18:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ADCollector.exe

  • Size

    528KB

  • MD5

    134c6a513d534a01404f19b2730d68bf

  • SHA1

    2eb961f3ac9940e967959ab9722973815cfc8b18

  • SHA256

    e376d23f48816e9d9a8d74cc9f8891b6fed2cff46d2b0efe989d8272b05931f2

  • SHA512

    26deb96d906460bc465f0de81eb94902e428ec1450a7cc0a9f16a4f73a7e86bc610a0bf6c413e40495deb81ea093972b5b087eed2434ef04f91abb5e971025f0

  • SSDEEP

    12288:Crh1z1E7TxBL927cmjrLf+V696Wsvl66rl6dsk:6EqcI/fly06Md

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ADCollector.exe
    "C:\Users\Admin\AppData\Local\Temp\ADCollector.exe"
    1⤵
      PID:320
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 320 -s 1040
        2⤵
        • Program crash
        PID:4900
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 320 -ip 320
      1⤵
        PID:1948

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/320-0-0x00000000001B0000-0x000000000023A000-memory.dmp

        Filesize

        552KB

        Download

      • memory/320-1-0x0000000074BE0000-0x0000000075390000-memory.dmp

        Filesize

        7.7MB

        Download

      • memory/320-2-0x0000000004D00000-0x0000000004D10000-memory.dmp

        Filesize

        64KB

        Download

      • memory/320-3-0x0000000004B90000-0x0000000004BC8000-memory.dmp

        Filesize

        224KB

        Download

      • memory/320-4-0x0000000004BE0000-0x0000000004CBC000-memory.dmp

        Filesize

        880KB

        Download

      • memory/320-5-0x0000000004D70000-0x00000000050C4000-memory.dmp

        Filesize

        3.3MB

        Download

      • memory/320-6-0x0000000005740000-0x0000000005D58000-memory.dmp

        Filesize

        6.1MB

        Download

      • memory/320-7-0x0000000005240000-0x0000000005272000-memory.dmp

        Filesize

        200KB

        Download

      • memory/320-8-0x0000000074BE0000-0x0000000075390000-memory.dmp

        Filesize

        7.7MB

        Download