Analysis

  • max time kernel
    92s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-09-2024 04:09

General

  • Target

    049cd03c78d36c89a2339c6945a13f9f4746adddba3083e6cc94e17bfed5b090.exe

  • Size

    1.6MB

  • MD5

    ec8be91b2242db0c2aee44b3fc9af853

  • SHA1

    27256c8c249bfd7684e0ccea729f5f446e369797

  • SHA256

    049cd03c78d36c89a2339c6945a13f9f4746adddba3083e6cc94e17bfed5b090

  • SHA512

    84117d99a0f4733e7b5d6c6526654c6ec6e3841e9b73e59bc0b199219c3051c5b6baf37d33260a7e16ef4cbdc54c1fe3bd9edce5df0af33ec98c4b1fe72a479d

  • SSDEEP

    24576:TCsZd5TKWxFMcN/c5M8SMUi9Grdn7SsvaMQR9TzBlh1xRO3AWCkTTl:D7TvfU+8X9GrNOsvabRblhE3ANkTTl

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\049cd03c78d36c89a2339c6945a13f9f4746adddba3083e6cc94e17bfed5b090.exe
    "C:\Users\Admin\AppData\Local\Temp\049cd03c78d36c89a2339c6945a13f9f4746adddba3083e6cc94e17bfed5b090.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4016
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4016 -s 220
      2⤵
      • Program crash
      PID:4052
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 4016 -ip 4016
    1⤵
      PID:3540

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads