Analysis
-
max time kernel
16s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
29-08-2024 06:50
General
-
Target
32e3f4db4b1660ecf583ff7ed1297d70N.exe
-
Size
111KB
-
MD5
32e3f4db4b1660ecf583ff7ed1297d70
-
SHA1
722b8771276119ce3a1bb45f9af8c0f7cbe90f87
-
SHA256
db57a88261a8c0673386e4e53c626b14d77127a881a17c03f3e29ab7d9b76ec1
-
SHA512
358b94dc2e1c213de7e7950b3e845996dcb95a173de942f91d840c0b5a069d78aa51095d85bbc2aedbe3ff84beb8c892e1d3a18b94e0238e74d2fb7c4a73edd0
-
SSDEEP
3072:J3DMqhmqOCs57PEaPG7YEX91W99xeLGkheQaW+3:6dqOvPEae7YEX91A0GN1W+3
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\32e3f4db4b1660ecf583ff7ed1297d70N.exe"C:\Users\Admin\AppData\Local\Temp\32e3f4db4b1660ecf583ff7ed1297d70N.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2500 -s 362⤵
- Program crash
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
116KB