0d9fcb8894240750cb5e4222ea78572aba6618eb5297c2069588ceb979d52d8b

Submit
Reports

Overview

overview

Static

static

0778d2ae60...93.exe

windows10-2004-x64

2005110ee8...24.exe

windows10-2004-x64

290072a9e1...51.exe

windows10-2004-x64

3998d0e987...7f.exe

windows10-2004-x64

435844f4e1...2b.exe

windows10-2004-x64

495fbfecbc...72.exe

windows10-2004-x64

542c157186...88.exe

windows10-2004-x64

561d7f0505...35.exe

windows10-2004-x64

617364875d...bb.exe

windows10-2004-x64

6312ac9176...d8.exe

windows10-2004-x64

63545fa195...8a.exe

windows10-2004-x64

6555038a04...42.exe

windows10-2004-x64

677393ff5e...59.exe

windows10-2004-x64

680caf0e30...75.exe

windows10-2004-x64

70192d461c...8b.exe

windows10-2004-x64

76199c2662...6d.exe

windows10-2004-x64

8727091cbb...44.exe

windows10-2004-x64

91450f9e8a...dc.exe

windows10-2004-x64

93386ea79c...b9.exe

windows10-2004-x64

942bc9e43e...7c.exe

windows10-2004-x64

ac7a29cb82...b8.exe

windows10-2004-x64

baa851154b...1f.exe

windows10-2004-x64

bb5ca9d8de...69.exe

windows10-2004-x64

c15e2ffa84...07.exe

windows10-2004-x64

c743ba0861...26.exe

windows10-2004-x64

cfda742c2d...e5.exe

windows10-2004-x64

d1d74ec103...34.exe

windows10-2004-x64

d765e722e2...b9.exe

windows10-2004-x64

daa41f5230...de.exe

windows10-2004-x64

ed12ea76d0...0a.exe

windows10-2004-x64

f062577b68...e0.exe

windows10-2004-x64

f244a04265...35.exe

windows10-2004-x64

Resubmissions

13-07-2024 09:54

240713-lxcvgawdmn 10

13-07-2024 09:52

240713-lv46yawdkj 10

13-07-2024 09:46

240713-lrz3tayajc 10

Analysis

max time kernel
1357s
max time network
1146s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
13-07-2024 09:54

Sharing

Copy URL

Twitter E-mail

Static task

static1

10 signatures

Behavioral task

behavioral1

Sample

0778d2ae6074545731b471360877b58c89ba0aaca6a0ffdb25694340c910cc93.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact persistence ransomware spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral2

Sample

2005110ee806a4fb40e00fe6c76af3527e3d66cd828723ee39529942812b8924.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

21 signatures

1800 seconds

Behavioral task

behavioral3

Sample

290072a9e1cf3872487cf586a592be534abc894d20ffd1121fe8338f1b52b451.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral4

Sample

3998d0e987accc2837c6bf87fdb2796d0170ae2a79383b78fd778531410e337f.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral5

Sample

435844f4e1a57fbfa40edf039ac0b29fab6c4115adbaba2ff2907c921a6aac2b.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral6

Sample

495fbfecbcadb103389cc33828db139fa6d66bece479c7f70279834051412d72.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral7

Sample

542c157186bae766dd3e2df424e9c25251d71086b99cc9df121bc9bf50462688.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

24 signatures

1800 seconds

Behavioral task

behavioral8

Sample

561d7f05055800d3eb9d9e150969e2c84a71dc82a362fb3e1a224af420e53b35.exe

Resource

win10v2004-20240709-en

wannacry ransomware worm

windows10-2004-x64

4 signatures

1800 seconds

Behavioral task

behavioral9

Sample

617364875d331ab132bac1e63fb9b5a00ac5a33a22b93749dd6ee384ed435dbb.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral10

Sample

6312ac91761037de7a7afc7323671a004db71b31a69499178437bdf939fa9dd8.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral11

Sample

63545fa195488ff51955f09833332b9660d18f8afb16bdf579134661962e548a.exe

Resource

win10v2004-20240709-en

mimikatz bootkit persistence spyware stealer

windows10-2004-x64

15 signatures

1800 seconds

Behavioral task

behavioral12

Sample

6555038a04997404d48cf866ebb81f134082ef1613408779cf2a589068312a42.exe

Resource

win10v2004-20240709-en

discovery evasion execution persistence privilege_escalation ransomware

windows10-2004-x64

21 signatures

1800 seconds

Behavioral task

behavioral13

Sample

677393ff5efc9f6f050b4b5ed62579f2f050eeec53e7a17cb51c31c148546f59.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral14

Sample

680caf0e30b204544971d053b635ed0e3f1dee3332d9eab8a08b3f04cd7ecd75.exe

Resource

win10v2004-20240709-en

quasar office04 spyware trojan

windows10-2004-x64

10 signatures

1800 seconds

Behavioral task

behavioral15

Sample

70192d461c98da3d6d9734663dfee8d121b2739e9868f28b1fa67794ba3c9a8b.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral16

Sample

76199c26622c58fa0a22355d710ef06d86e3cce56def3d9a3c38ea395e48066d.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral17

Sample

8727091cbb89e5e31eeb2503ffaa242601c8840eee0973fd62fedf1b4b58ab44.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

23 signatures

1800 seconds

Behavioral task

behavioral18

Sample

91450f9e8aeb0361867cdefc0bb7e5bad8941b5081db549d34a91072df4db5dc.exe

Resource

win10v2004-20240709-en

ransomware

windows10-2004-x64

6 signatures

1800 seconds

Behavioral task

behavioral19

Sample

93386ea79c58a95c033e66da99d155264f0028a43973a9a4496f3fc8c89db0b9.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

1800 seconds

Behavioral task

behavioral20

Sample

942bc9e43e40e01694365aced2331634257727783353c7d49d940abcc215a17c.exe

Resource

win10v2004-20240709-en

chaos ransomware spyware stealer

windows10-2004-x64

14 signatures

1800 seconds

Behavioral task

behavioral21

Sample

ac7a29cb82b7b3e50d8aaa0da5e431f0b466de07dad241e5b6090cf71963e3b8.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

23 signatures

1800 seconds

Behavioral task

behavioral22

Sample

baa851154b7492b20ea71c068f77e7e2b91d347fb97e5e05999af153e3fd0f1f.exe

Resource

win10v2004-20240709-en

chaos ransomware spyware stealer

windows10-2004-x64

14 signatures

1800 seconds

Behavioral task

behavioral23

Sample

bb5ca9d8de51734dbd14dc081c7c892d819cd14fafd7ccd62849d70f9e679369.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral24

Sample

c15e2ffa84d30fa17e9c61c19cde98b22ac6e259ec16b68a9927bed13a0aec07.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

21 signatures

1800 seconds

Behavioral task

behavioral25

Sample

c743ba08610d442531bb897a35748ba6fe897e730cea6e29377ba21141901326.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

1800 seconds

Behavioral task

behavioral26

Sample

cfda742c2de7706171af64a89806656a107069e1677aa4ce0583e696f954fde5.exe

Resource

win10v2004-20240709-en

chaos ransomware spyware stealer

windows10-2004-x64

14 signatures

1800 seconds

Behavioral task

behavioral27

Sample

d1d74ec1039ff5aab99faf99bf70fb07f6b4c763a0c2fbc08b702ec9dcb03834.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

1800 seconds

Behavioral task

behavioral28

Sample

d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9.exe

Resource

win10v2004-20240709-en

cryptolocker persistence ransomware

windows10-2004-x64

5 signatures

1800 seconds

Behavioral task

behavioral29

Sample

daa41f52309815eff99483c87788bfb56b8576f15eaad42cd5b06bb3cf0cccde.exe

Resource

win10v2004-20240709-en

discovery exploit persistence ransomware spyware stealer

windows10-2004-x64

16 signatures

1800 seconds

Behavioral task

behavioral30

Sample

ed12ea76d03b8255f361975cebd5c579491dacc60c52e03373e7bf509523820a.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral31

Sample

f062577b6879fb42fbf7fef1c2a21f96d4d372f1424c1c77f255d13fb60bfae0.exe

Resource

win10v2004-20240709-en

chaos defense_evasion evasion execution impact ransomware spyware stealer

windows10-2004-x64

22 signatures

1800 seconds

Behavioral task

behavioral32

Sample

f244a04265405ae8295551a1324c6dc3162d611b4a152658096d675a31a57d35.exe

Resource

win10v2004-20240709-en

evasion execution persistence privilege_escalation trojan

windows10-2004-x64

11 signatures

1800 seconds

Report Analysis Logs

General

Target

435844f4e1a57fbfa40edf039ac0b29fab6c4115adbaba2ff2907c921a6aac2b.exe
Size

1.1MB
MD5

75ad544ceac0f47859e0f5417b950889
SHA1

5e4976f34abe798ec40087d4a4831e60040cd7dc
SHA256

435844f4e1a57fbfa40edf039ac0b29fab6c4115adbaba2ff2907c921a6aac2b
SHA512

cd9b17097d4f3d878966ef3f6f8269db3cf96ae517d593b3521761de4ee0fc3b8c8a2e1f603b90ffe73f6426bd5648f9d2f0dbecf6904f96568909745cb9db95
SSDEEP

24576:BiIxSqmMEiPPHxXaUHtauiIxLmKPPH3paUS:NSqmKPvxqUHIOLmKPvgUS

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

444 2280 WerFault.exe 435844f4e1a57fbfa40edf039ac0b29fab6c4115adbaba2ff2907c921a6aac2b.exe

pid	pid_target	process	target process
444	2280	WerFault.exe	435844f4e1a57fbfa40edf039ac0b29fab6c4115adbaba2ff2907c921a6aac2b.exe

Processes

C:\Users\Admin\AppData\Local\Temp\435844f4e1a57fbfa40edf039ac0b29fab6c4115adbaba2ff2907c921a6aac2b.exe
"C:\Users\Admin\AppData\Local\Temp\435844f4e1a57fbfa40edf039ac0b29fab6c4115adbaba2ff2907c921a6aac2b.exe"
1⤵
PID:2280

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2280 -s 216
2⤵
- Program crash
PID:444

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 2280 -ip 2280
1⤵
PID:968

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads