Overview
overview
10Static
static
705b48b2909...29.exe
windows10-2004-x64
10143e14de3a...c5.exe
windows10-2004-x64
102c899ff55c...31.exe
windows10-2004-x64
102e0a9b6a39...9b.exe
windows10-2004-x64
104250b0250d...ee.exe
windows10-2004-x64
10464a716862...38.exe
windows10-2004-x64
104d09936a4a...bf.exe
windows10-2004-x64
1059c1607382...01.exe
windows10-2004-x64
1061f1416a77...2b.exe
windows10-2004-x64
1068ca177d42...f8.exe
windows7-x64
768ca177d42...f8.exe
windows10-2004-x64
76ba0db3b66...b3.exe
windows10-2004-x64
108b549a8688...5b.exe
windows10-2004-x64
10a8dffd83e4...8a.exe
windows10-2004-x64
7b6b53c7022...c9.exe
windows10-2004-x64
10ccc5c313f4...94.exe
windows10-2004-x64
10e04ecd64b5...1b.exe
windows7-x64
3e04ecd64b5...1b.exe
windows10-2004-x64
10e38bd93e74...28.exe
windows7-x64
3e38bd93e74...28.exe
windows10-2004-x64
10eab14d8dad...38.exe
windows10-2004-x64
10f943251c5b...1b.exe
windows10-2004-x64
10fb49b50c0d...90.exe
windows7-x64
3fb49b50c0d...90.exe
windows10-2004-x64
10Analysis
-
max time kernel
118s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
10-05-2024 13:23
Behavioral task
behavioral1
Sample
05b48b2909386e117184a0bdde8c6718992cf21d07674042c9d076292b260729.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
143e14de3ab20f2359132907b991db6a76d0d521ba132b83a736d149619409c5.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
2c899ff55cbbdd4c5b9be75b0893daed295266b8392bd0365eb55f6acf67f731.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral4
Sample
2e0a9b6a39ce81b93beb155ac3c237f4a6b9248d6b872ed22bfdf8851796b19b.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
4250b0250d540350db8a017ad70a9992b46d70a0d5ab9438c3c0597af56f27ee.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral6
Sample
464a7168620633d6f4e27494eec6c1cedff2ae39e5ffda7f9913f43efd93bd38.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
4d09936a4a5e882005320c53757dc18469109b9f86d4b6003bb674e1658b0dbf.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral8
Sample
59c1607382fbf89bf1ce30ceb0a4e1724a81c2e855e91e5f12e07c396e822a01.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
61f1416a771544600c2eb0122b2860693273306c4f450b6c7dc5af2a07a52b2b.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral10
Sample
68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8.exe
Resource
win7-20240508-en
Behavioral task
behavioral11
Sample
68ca177d42ab79022ede5d703f2f3b4e3de42fc1ae56a531b50f66f3339721f8.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral12
Sample
6ba0db3b66f5f3df269e1eb1b3241575d1ec8d58b19767274aae0af44946bbb3.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
8b549a868852eb291819180cd971dd7b163003efa16b8efacf685d2d5f879a5b.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral14
Sample
a8dffd83e4ed96b525aa095a5fdbe826aa6409b97419dc8c1ab463bac16a438a.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
b6b53c7022ec83f58037dc5fee6d8a5dd71ff675b2851d1ebdaac02d608ebac9.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral16
Sample
ccc5c313f416465ffc57b4343c6e512d0568f618620aaa7b258b5d5721aaf394.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
e04ecd64b5614cc4103cdde760de6180002d85792ec28fa0beb64b385bf3f11b.exe
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
e04ecd64b5614cc4103cdde760de6180002d85792ec28fa0beb64b385bf3f11b.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
eab14d8dada2d5205db79e415c61561de2646a3a67f4615bfffa2f0c272f8738.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral22
Sample
f943251c5b3ff162faabeb09676429800f82298b7971cbfb3dee652de07b391b.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral23
Sample
fb49b50c0d470063e9548552158ebf5137ca285f8cf0ccfe1a2ef2d44bbb4390.exe
Resource
win7-20240508-en
Behavioral task
behavioral24
Sample
fb49b50c0d470063e9548552158ebf5137ca285f8cf0ccfe1a2ef2d44bbb4390.exe
Resource
win10v2004-20240426-en
General
-
Target
e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe
-
Size
1.2MB
-
MD5
2cf5d69da271a679e8aa11c6fd68bcbc
-
SHA1
592e89ba9a032d875c9955e3c80e9d852f0bc704
-
SHA256
e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228
-
SHA512
b1fe414b8e9d1c7c56c5265a3c1386f9dd37c97af64a65f7a04e9460bbdae8d8143d84090392bb0bd51f053b1e3b21ca20b3c9953844de542059408eb9f2e929
-
SSDEEP
24576:0jqhS297HFlZVrmEP33ZaogYUspWkRR5sC96E4:0WTFlZVrmEZikyw
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 2516 880 WerFault.exe 27 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 880 wrote to memory of 2516 880 e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe 28 PID 880 wrote to memory of 2516 880 e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe 28 PID 880 wrote to memory of 2516 880 e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe 28 PID 880 wrote to memory of 2516 880 e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe 28
Processes
-
C:\Users\Admin\AppData\Local\Temp\e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe"C:\Users\Admin\AppData\Local\Temp\e38bd93e7494d62b91d0445138d215387c568aa6b6e9ae0a92842ba7b1999228.exe"1⤵
- Suspicious use of WriteProcessMemory
PID:880 -
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 880 -s 1162⤵
- Program crash
PID:2516
-