Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    10-10-2024 15:50

General

  • Target

    58063ad47e3c7eb89807cb68acb9da9408422eb9905d76267126ba6a1a29c204N.exe

  • Size

    341KB

  • MD5

    9525853524541fcec3f653a7b92cf180

  • SHA1

    82e35cbf5890b20ea50aa438bc7314bf7c7bffae

  • SHA256

    58063ad47e3c7eb89807cb68acb9da9408422eb9905d76267126ba6a1a29c204

  • SHA512

    45685355172371c4f12082a3206f88170e04902bc21c92539b3c48cc9dceba9e98f03da0613640f1d1cd3609dd3aa09e178af86db57361a7182578594c5b6ade

  • SSDEEP

    6144:YMqEHUkNqGVHhR5pW+JzUQQVgIvEwIdpevREKhr2AisXl:YMqEH+GVJNzULgekdpepEE7l

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\58063ad47e3c7eb89807cb68acb9da9408422eb9905d76267126ba6a1a29c204N.exe
    "C:\Users\Admin\AppData\Local\Temp\58063ad47e3c7eb89807cb68acb9da9408422eb9905d76267126ba6a1a29c204N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2316 -s 120
      2⤵
      • Program crash
      PID:2168

Network

MITRE ATT&CK Enterprise v15
