Resubmissions

06/01/2025, 02:34 UTC

250106-c2h3lswkar 10

06/01/2025, 01:44 UTC

250106-b59t3atrdq 10

06/01/2025, 01:44 UTC

250106-b5xjqs1rbx 10

06/01/2025, 01:43 UTC

250106-b5nlts1raz 10

06/01/2025, 00:38 UTC

250106-ay3azaspam 10

06/01/2025, 00:33 UTC

250106-awcyassncn 10

05/01/2025, 22:53 UTC

250105-2vdlzszqej 10

05/01/2025, 22:33 UTC

250105-2gzx3axrdt 10

05/01/2025, 22:09 UTC

250105-12zmcsxnfy 10

04/01/2025, 05:00 UTC

250104-fng5yavrdl 10

Analysis

  • max time kernel
    93s
  • max time network
    94s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win11-20241007-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    06/01/2025, 01:43 UTC

General

  • Target

    1735939565fb467373308ccaa70b95879c5da1c7021b40ee5196ecf39486dc10b7e4052907751.dat-decoded.exe

  • Size

    332KB

  • MD5

    e32ee103ae9a3e75d0df2a6bbe516997

  • SHA1

    cc963cc4e0c3e429b2851cc1ec0f159fa322d4a9

  • SHA256

    991cb2f1222cdd00eb93d17b0cc3c4488ebffc53d30d604486592d78a1349419

  • SHA512

    3e3add78bb7175ab876aa975b247f3c317a6ca3fa7a50df40f74611419103017c2dcaec323563586a751b4c4a43635abaac09e43e4881f37bc943b07573014e6

  • SSDEEP

    6144:lFgxMjpdFf/qguD8qF5bIzTfpnvzVd1Ke4lyCazz2h96Q:IMdd7uD8GwpbVnKT86h96

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\1735939565fb467373308ccaa70b95879c5da1c7021b40ee5196ecf39486dc10b7e4052907751.dat-decoded.exe
    "C:\Users\Admin\AppData\Local\Temp\1735939565fb467373308ccaa70b95879c5da1c7021b40ee5196ecf39486dc10b7e4052907751.dat-decoded.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1992
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1992 -s 228
      2⤵
      • Program crash
      PID:2924
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 1992 -ip 1992
    1⤵
      PID:1100

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dns.google
    No results found
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
      90 B
      1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    MITRE ATT&CK Enterprise v15
