Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    17/10/2024, 02:06

General

  • Target

    Ad Muncher/AdMunch.exe

  • Size

    429KB

  • MD5

    2703937e1666d1e244709899b31ccbfd

  • SHA1

    ced69bf3355d6d71011668271947ad05ac9c4eed

  • SHA256

    7b46463a72d606fc53c4307527434bbc11e7261f51ef92d88469dc02d7f0254c

  • SHA512

    ed6d554afa026f29beb123416e8da7d8c90f589d6f6c8635e09e68e6014cc1f87ca8a6a56dc5d78e79abd06dc8302191380804f41535adf9e563778a02e167f3

  • SSDEEP

    12288:u5c8pof9ZVV5E2XdUQoiIeRXAuHmSFmaBQYHw:G+PVhdo4Rx1QOw

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Ad Muncher\AdMunch.exe
    "C:\Users\Admin\AppData\Local\Temp\Ad Muncher\AdMunch.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2260
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2260 -s 468
      2⤵
      • Program crash
      PID:3668
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2260 -ip 2260
    1⤵
      PID:5064

    Network

          MITRE ATT&CK Enterprise v15

          Downloads
