Analysis
-
max time kernel
120s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
21-11-2024 19:48
General
-
Target
108a99b32b88bc7c77d66f1490a664a2ee46c79496679395af73c1b9c35d9e88.exe
-
Size
33KB
-
MD5
b9974d9508d4149f615363f6552dfc89
-
SHA1
85388e3ea7134d405e0505eb9a1820434f2fa002
-
SHA256
108a99b32b88bc7c77d66f1490a664a2ee46c79496679395af73c1b9c35d9e88
-
SHA512
e110efbca7a02ec51286962918e084f6f6a1802c092ccac6b139e715c223480f622d5ea0a0f80e97dbfc0416e65f6a72aebedcf804666f2940f69c4cad67cd8c
-
SSDEEP
768:Q3K7wR7P05lFmRAwUhvGu+nO6y8DM1S1ouKkkUw8sl+onwvP1gMK0V:sK7w1QFZhupOwDMtuKkkDxIowvP1xK0V
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\108a99b32b88bc7c77d66f1490a664a2ee46c79496679395af73c1b9c35d9e88.exe"C:\Users\Admin\AppData\Local\Temp\108a99b32b88bc7c77d66f1490a664a2ee46c79496679395af73c1b9c35d9e88.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2200 -s 362⤵
- Program crash
-