Overview

overview

10

Static

static

10

2024-10-07...de.exe

windows7-x64

3

2024-10-07...de.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/10/2024, 11:05 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-10-07_5c54c35ae3beb63c2dd49e14f1b02343_blackmatter_darkside.exe

  • Size

    80KB

  • MD5

    5c54c35ae3beb63c2dd49e14f1b02343

  • SHA1

    475812bb0709001ce80227bb4ab1f645853c2ef8

  • SHA256

    2f5ba8b6995de426b1c505fe2a5fc3c9a35f24c53185536c83408ab78f56ebe6

  • SHA512

    4a8767e3e6e210de3772ace2107409f138e8be5f21c352794fd8a283375151f5a3cc98fb7adf4b7fae153b6ec70552587e875f5f513c7a9e0a5117becbea0311

  • SSDEEP

    768:TDjahoICS4AIpIrO2KvMBonFlsicP2NK3oVl7yzv6GirrW66RrABSLA6zbjo:nzICS4AkzFF2icP2ox6q6SDLB

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-10-07_5c54c35ae3beb63c2dd49e14f1b02343_blackmatter_darkside.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-10-07_5c54c35ae3beb63c2dd49e14f1b02343_blackmatter_darkside.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2868
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2868 -s 220
      2⤵
      • Program crash
      PID:872
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2868 -ip 2868
    1⤵
      PID:3944

    Network

    • flag-us
      DNS
      48.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      48.229.111.52.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      48.229.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      48.229.111.52.in-addr.arpa

    • 8.8.8.8:53

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.