Analysis
-
max time kernel
91s -
max time network
141s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
19-09-2024 05:52
General
-
Target
2024-09-19_744e3eff4e411f04e12d8fb506fe883f_virlock.exe
-
Size
193KB
-
MD5
744e3eff4e411f04e12d8fb506fe883f
-
SHA1
042af0e66d173300092e5bd04b171b254b458ba1
-
SHA256
fbde40bcedd103c21f7bf2641815b8b70b610c560fd5823d699e2b4a388f62ce
-
SHA512
f88b9bd1f4afe68b3257bb76759cf238c93f76b492b40dfb1d75fa8f37f040b1de80b56badbf7d9214d243c9540d48e604f972b7ce2cbd6b1145c3992bc0555d
-
SSDEEP
6144:wE4DN30fmIzHY7vSN5yKg7E63kA5vUGNq:KZyp5yRUA5
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-09-19_744e3eff4e411f04e12d8fb506fe883f_virlock.exe"C:\Users\Admin\AppData\Local\Temp\2024-09-19_744e3eff4e411f04e12d8fb506fe883f_virlock.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3896 -s 2282⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3896 -ip 38961⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
200KB
-
Filesize
200KB