Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/08/2024, 01:32

General

  • Target

    3b17d61c52d82584a4cdcf79bca6bf99255500ebabb8b375151e7cddf2978fb0.exe

  • Size

    6.5MB

  • MD5

    335a008131447345a4a2bc0bb97def33

  • SHA1

    0342d05453185d6b81fcf21ffef725b8fe1f5a33

  • SHA256

    3b17d61c52d82584a4cdcf79bca6bf99255500ebabb8b375151e7cddf2978fb0

  • SHA512

    a851a5324ab4cc3dbdaac90ab20979dabaf795f8513aba9c1e1fb0125e697108e3e47dbb1efdfeedd31b1cc82ea7c60822e434e1a1ab46b8d616e74784ae8651

  • SSDEEP

    98304:5RDvv8W6s6aGZw8h5REa3i5JWGuM6jiQ+r4agFKNdNT9ErGTXN/bEO:X78KqZdnCa3i5AGD93M6dNRtjSO

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b17d61c52d82584a4cdcf79bca6bf99255500ebabb8b375151e7cddf2978fb0.exe
    "C:\Users\Admin\AppData\Local\Temp\3b17d61c52d82584a4cdcf79bca6bf99255500ebabb8b375151e7cddf2978fb0.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1616

Network

MITRE ATT&CK Enterprise v15
