Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system -
submitted
09-08-2024 16:25
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.DropperX-gen.11831.8378.exe
Resource
win7-20240708-en
windows7-x64
2 signatures
150 seconds
General
-
Target
SecuriteInfo.com.Win32.DropperX-gen.11831.8378.exe
-
Size
577KB
-
MD5
b98dc1d3907a29896233f92a1f91cc15
-
SHA1
daf5fa345ab29376c10ada6065f4e77526e8b531
-
SHA256
20e9ad367dd61cf76d9aa1bd6993cf2c6a289b433d44fb445b0fb6d8a634fd03
-
SHA512
a387a75cdb72537458e692e2339ed0840d7a4ffec390becd5175e142f10467c8e67c8c268b682b5c9d05facbdd1164c1d35875994b1b2398fca4578256bd6c90
-
SSDEEP
3072:COsA++eZfkec3uppruBjYP2+t9deQ+rjnCvulC7/X3UcrBw5KPA:vsA++eFfniB853eQ+rTCvNxrCKP
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SecuriteInfo.com.Win32.DropperX-gen.11831.8378.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 2668 SecuriteInfo.com.Win32.DropperX-gen.11831.8378.exe