Resubmissions

22-08-2024 18:43

240822-xc563asamh 10

21-08-2024 17:16

240821-vtjnaathnq 10

30-06-2024 00:59

240630-bcjr6svbkk 10

20-06-2024 02:02

240620-cf43ysxbnk 10

20-06-2024 01:44

240620-b5v1xawemk 10

19-06-2024 01:10

240619-bjmseavfmp 10

18-06-2024 20:40

240618-zfwsxawdpa 10

18-06-2024 13:45

240618-q2vcjawdle 10

Analysis

  • max time kernel
    1469s
  • max time network
    1482s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240802-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    21-08-2024 17:16

General

  • Target

    out.exe

  • Size

    51KB

  • MD5

    8f681b52fcfe200d14c81d297a323cf7

  • SHA1

    1375d3c3cb1d2ea8d6f80a2cfe11107d80ad9a34

  • SHA256

    a1c1164f6b43a3592a98b29adc045f9ca37ec0624eb2f2c027bfffe24a4915d1

  • SHA512

    88f936cfc95833017fefa7a342cb9b41ae7ea2e7123f7e8bb4192db53b0b48998421176132a4ead98fbb25d31d0f1ee8e0f7995d14e94ab3e094d4dcceb7ad36

  • SSDEEP

    768:uElAvOs4CTfOgGYdlNGCizSHdq12UMx9s6zAKSXwa/2e:ZlafjVsrODKpKSXN

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\out.exe
    "C:\Users\Admin\AppData\Local\Temp\out.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:5000
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 5000 -s 236
      2⤵
      • Program crash
      PID:2772
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5000 -ip 5000
    1⤵
      PID:3652

    Network

    MITRE ATT&CK Enterprise v15
