Overview

overview

10

Static

static

5

17-10-2024...QW.exe

windows7-x64

17-10-2024...QW.exe

windows10-2004-x64

17-10-2024...er.exe

windows7-x64

7

17-10-2024...er.exe

windows10-2004-x64

7

17-10-2024...ys.exe

windows7-x64

9

17-10-2024...ys.exe

windows10-2004-x64

9

17-10-2024...er.exe

windows7-x64

3

17-10-2024...er.exe

windows10-2004-x64

3

17-10-2024...er.exe

windows7-x64

3

17-10-2024...er.exe

windows10-2004-x64

3

17-10-2024...re.exe

windows7-x64

10

17-10-2024...re.exe

windows10-2004-x64

10

17-10-2024...ix.exe

windows7-x64

1

17-10-2024...ix.exe

windows10-2004-x64

3

17-10-2024...nt.exe

windows7-x64

10

17-10-2024...nt.exe

windows10-2004-x64

10

17-10-2024...re.exe

windows7-x64

5

17-10-2024...re.exe

windows10-2004-x64

5

17-10-2024...NG.dll

windows7-x64

3

17-10-2024...NG.dll

windows10-2004-x64

3

17-10-2024...op.exe

windows7-x64

7

17-10-2024...op.exe

windows10-2004-x64

7

17-10-2024...er.exe

windows7-x64

7

17-10-2024...er.exe

windows10-2004-x64

7

17-10-2024...an.exe

windows7-x64

3

17-10-2024...an.exe

windows10-2004-x64

3

17-10-2024...ie.exe

windows7-x64

5

17-10-2024...ie.exe

windows10-2004-x64

5

17-10-2024...oe.exe

windows7-x64

7

17-10-2024...oe.exe

windows10-2004-x64

7

17-10-2024...ge.exe

windows7-x64

6

17-10-2024...ge.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    16-11-2024 22:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    17-10-2024 #20/Dynamer.exe

  • Size

    300KB

  • MD5

    3d14e249798b97a38b92b59ec8709e20

  • SHA1

    0e5f6bce278cb65d25460c546aca7e8851c593c3

  • SHA256

    9f331203b8fbd9504846742588da5a6ddd5baa804caca846940f92c2afd8bcf9

  • SHA512

    7caf9307a03defb601e7764ea823a91ea5c3627c9061585212c835ca0d983b976251b6fb2df4dada8c9c98720e9ecbe16390a4fddddbc828c2df6f56b3a66ab3

  • SSDEEP

    6144:0GEunZZ5HulrrATBqvexlJBV1Ls2mimvp3VD8dbsJUHArzneXFk:0jUmnATsYJBV1Ls2LMpB8aUH0zneFk

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\17-10-2024 #20\Dynamer.exe
    "C:\Users\Admin\AppData\Local\Temp\17-10-2024 #20\Dynamer.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:1076
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1076 -s 432
      2⤵
      • Program crash
      PID:1528

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads