Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
01-09-2024 00:09
General
-
Target
268fba3b3ff803a66e46badfcfb32b90N.exe
-
Size
159KB
-
MD5
268fba3b3ff803a66e46badfcfb32b90
-
SHA1
0528982f67fdbffc85aebda9d1cfff3c05ce4187
-
SHA256
74e64096e77ee95b8bc7f555ea698848f563e61e832f219dac1329c5f9812c93
-
SHA512
9421e4ab8cb975fd5545a29a5a8b514da75ff3b7d9c958e14ffca0bd2d8773c9a69e0db253f679aa9313fd422432593a0d0b1582e483e419694943f9d200d9dc
-
SSDEEP
1536:W7ZhA7pApM21LOA1LO8+C+kwQAdM/gMH4hxu:6e7WpMgLOiLOrC5wzPzhxu
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Drops file in System32 directory 2 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\268fba3b3ff803a66e46badfcfb32b90N.exe"C:\Users\Admin\AppData\Local\Temp\268fba3b3ff803a66e46badfcfb32b90N.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\Zombie.exe"C:\Windows\system32\Zombie.exe"2⤵
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
46KB
MD51c4b1f410b46e9c7d77ecced3a3abde2
SHA17f8790145d9b70c76d39fe521ec1e3ed7de5b8d6
SHA25602482ff4c075fcc0b0680a0cdc06ce5717df41371523f9ec1f99317df4bcfd30
SHA512e0ae6729e5b1fa356b0b004ed8cfb64b80c305128dde8223e32e07c2f1c877ebd59886c121dc3172b77718d8ead391a2919b06966b3224614a66695fda2df101