Overview

overview

10

Static

static

3

82c8e9440d...e6.exe

windows7-x64

3

82c8e9440d...e6.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    23/10/2024, 01:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    82c8e9440da130cb3c991bfd2b98afbf11fff2be9acd3e56b3107096a11a69e6.exe

  • Size

    560KB

  • MD5

    80b56ae302fea7f0f9e00b63f7ad598b

  • SHA1

    6411184877abfdd8b7743c27ef94e0f257ce1f1d

  • SHA256

    82c8e9440da130cb3c991bfd2b98afbf11fff2be9acd3e56b3107096a11a69e6

  • SHA512

    b08b31671c258ad4d9be77f88e91cecc80ed5e8d0331b8cc4f3cb2af0e130a2b937d74a628d6681125d48581c6743a1d852b5a1143c66c298d54c8e88a369528

  • SSDEEP

    12288:/fATXkhMOoltiJVsxIojON7X4ETsCh/YvMLPVycMnt+giaS1P:Ckh5oDiJexpirB5ybt+8SB

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\82c8e9440da130cb3c991bfd2b98afbf11fff2be9acd3e56b3107096a11a69e6.exe
    "C:\Users\Admin\AppData\Local\Temp\82c8e9440da130cb3c991bfd2b98afbf11fff2be9acd3e56b3107096a11a69e6.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2500 -s 644
      2⤵
      • Program crash
      PID:1716

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2500-0-0x000000007487E000-0x000000007487F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2500-1-0x0000000001150000-0x00000000011E0000-memory.dmp

    Filesize

    576KB

    Download

  • memory/2500-2-0x0000000074870000-0x0000000074F5E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2500-3-0x0000000074870000-0x0000000074F5E000-memory.dmp

    Filesize

    6.9MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.