Analysis
max time kernel: 119s
max time network: 121s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 06-08-2024 11:22
Static task: static1
Behavioral task: behavioral1
Sample: feewf/7z2407-x64.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: feewf/7z2407-x64.exe
Resource: win10v2004-20240802-en
Behavioral task: behavioral3
Sample: feewf/winrar-x64-701.exe
Resource: win7-20240705-en
Behavioral task: behavioral4
Sample: feewf/winrar-x64-701.exe
Resource: win10v2004-20240802-en
General
Target: feewf/7z2407-x64.exe
Size: 1.5MB
MD5: f1320bd826092e99fcec85cc96a29791
SHA1: c0fa3b83cf9f9ec5e584fbca4a0afa9a9faa13ed
SHA256: ad12cec3a3957ff73a689e0d65a05b6328c80fd76336a1b1a6285335f8dab1ba
SHA512: c6ba7770de0302dd90b04393a47dd7d80a0de26fab0bc11e147bf356e3e54ec69ba78e3df05f4f8718ba08ccaefbd6ea0409857973af3b6b57d271762685823a
SSDEEP: 24576:GE413GbD17f+xGvqTQQc3iFwInAKPfzMc2NAjBWm5HrUq3IbWpeFy:GEVp1/SFwg1bMdN6Wm5HQq3YWUg
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 7z2407-x64.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2660
Process: 7z2407-x64.exe