f2b369f762ffb12dea753917b4e8e2028d795bcc6be30fc330ef41338c243527

Analysis

max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
05-08-2024 11:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8937a00662c19a7ed8bb61dd84ad9ec0N.exe
Size

31KB
MD5

8937a00662c19a7ed8bb61dd84ad9ec0
SHA1

999f01310872e41b8093ce5eab3c464bf5a032f1
SHA256

f2b369f762ffb12dea753917b4e8e2028d795bcc6be30fc330ef41338c243527
SHA512

82abc1c0b40ccfc7bc665e6de1a60092e0591246796ff4843e112341bfe23b616b86ec2a7334d40ece3d00dc29958775278959b9e1f0cf5264d1dd23f8a83ce5
SSDEEP

768:ITRfpN0pOy3OzeXmOGXbJOlB2vsLCik5dAy7b6lS2d4er:IHzzeWHXbJGB2EOik5h36lB4er

Score

7^/10

discovery upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2372-0-0x0000000000400000-0x000000000041A000-memory.dmp	upx
behavioral1/files/0x0007000000018b00-5.dat	upx
behavioral1/memory/2372-102-0x0000000000400000-0x000000000041A000-memory.dmp	upx

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	8937a00662c19a7ed8bb61dd84ad9ec0N.exe

C:\Users\Admin\AppData\Local\Temp\8937a00662c19a7ed8bb61dd84ad9ec0N.exe
"C:\Users\Admin\AppData\Local\Temp\8937a00662c19a7ed8bb61dd84ad9ec0N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2372

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\My Downloads\Macromedia Dreamweaver MX ISO - Full Downloader.exe

Filesize
31KB

MD5
91f6d0d3f582120bec84a6c64d0cd629

SHA1
ba47c88a7f01ef7820d1127f78d6f02db65f49e5

SHA256
e98938a846e70d9cbb52b1b7ceafce30d99973d13b423596ac3f4c22740f4f84

SHA512
2e08598bfaac6813ab70cdf61ee95c27555d03859268dc08ef6c7db0c8992029a684a5ee6ea0e22df371afc21804ad5a2d12718a61439083540c52632b2ab73f

Download Submit
memory/2372-0-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download
memory/2372-102-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download