Analysis
-
max time kernel
102s -
max time network
103s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
27-08-2024 04:55
Behavioral task
behavioral1
Sample
75dd7f09bc910bf4ffb8c3744b867a90N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
75dd7f09bc910bf4ffb8c3744b867a90N.exe
Resource
win10v2004-20240802-en
General
-
Target
75dd7f09bc910bf4ffb8c3744b867a90N.exe
-
Size
776KB
-
MD5
75dd7f09bc910bf4ffb8c3744b867a90
-
SHA1
52fe36f5e3c5bc761cadb5cfcd4aee97b75219d3
-
SHA256
f3cfa5ed96529245d6170a821e655eac16eaabf5cf3f731a926f6a6e99e1227d
-
SHA512
2c39e907c209da6d42cded95ee00e4a993c72a40b3a1961329c891fcd66d69c7b3d6989c0bd17535105f31aabc396e37a5b5d441d66b0a9b78716b8a4d33065f
-
SSDEEP
12288:dLz3rzOrDchlpQRLBIQS/3Qfi3Jaiclmj/jcb8bDrZXxXM6Dt3paPcg:dLz3rzOrG+JBIQ83X50mj/jnZX9PVg
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 932 3908 WerFault.exe 83 -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 75dd7f09bc910bf4ffb8c3744b867a90N.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\75dd7f09bc910bf4ffb8c3744b867a90N.exe"C:\Users\Admin\AppData\Local\Temp\75dd7f09bc910bf4ffb8c3744b867a90N.exe"1⤵
- System Location Discovery: System Language Discovery
PID:3908 -
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3908 -s 2202⤵
- Program crash
PID:932
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 3908 -ip 39081⤵PID:1116