Analysis

  • max time kernel
    93s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13/09/2024, 06:20

General

  • Target

    8d2400a3890b0bc1da95e88a4492f2d0N.exe

  • Size

    184KB

  • MD5

    8d2400a3890b0bc1da95e88a4492f2d0

  • SHA1

    f96d0b1cd5522d683fc0e5afd187ecb28d8e0574

  • SHA256

    cf312d9198d078ce41d8f541088a0047855aeb23e85496bf1b6bb9774e62b394

  • SHA512

    f5cc784c7a66d34a562be22c1e4d3a20b9df20c2dde388c64eb7e97fd338fae54919772d96d9fe69932367fa5ab83a836d2ea5fd3b16022f789931cdafc94fcb

  • SSDEEP

    3072:V7bSJFopWv+9V+i9rEP8SaOu2vnq2vGuH:V7SoJL+iM8ZOu2Pq2vGu

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\8d2400a3890b0bc1da95e88a4492f2d0N.exe
    "C:\Users\Admin\AppData\Local\Temp\8d2400a3890b0bc1da95e88a4492f2d0N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1008
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1008 -s 212
      2⤵
      • Program crash
      PID:1988
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 1008 -ip 1008
    1⤵
      PID:3592

    Network

    MITRE ATT&CK Enterprise v15