Analysis
-
max time kernel
14s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
03-09-2024 02:05
General
-
Target
iconAnimate.exe
-
Size
300KB
-
MD5
c5097ac341cd69cdcd6e0f837bf11f24
-
SHA1
936c9329e744b6da25215376d477a858c225fdf5
-
SHA256
0129e0e107bfa11054ace420fbe670217b4ff9d26287687ac3222370de2c3e6a
-
SHA512
cecda0e04bc27ccc751a54da78ce094a4160b9f167330aea16bdcc0264d1c96502b2b651e1993993107e0b44edfcc68690b5ddbd613744ebf6d30e8a4bc93efa
-
SSDEEP
6144:MLSTYAveLOiM7L8sPlRNukmKiuwv11rf1Ar3Qq1SV+OJE:MLS32XM7LRziuwNV1AfowOJ
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 35 IoCs
Processes
-
C:\Windows\Explorer.EXEC:\Windows\Explorer.EXE1⤵
-
C:\Users\Admin\AppData\Local\Temp\iconAnimate.exe"C:\Users\Admin\AppData\Local\Temp\iconAnimate.exe"2⤵
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB
-
Filesize
4KB