Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09-09-2024 19:10
Static task: static1
Behavioral task: behavioral1
Sample: 33bdffc930c645902c6642312a857460N.exe
Resource: win7-20240903-en
General
Target: 33bdffc930c645902c6642312a857460N.exe
Size: 6.3MB
MD5: 33bdffc930c645902c6642312a857460
SHA1: f8705dfd7629bfe88ea0d6e7e9b2f15adb2e482b
SHA256: ae7c8dc4e05f654143802647577bd1809a36e64ca4fa9e4c94fdc39007d85794
SHA512: a7226abf3b7f3551ed03acf686c5dbb85ddf3d84431323c2dd20075026a9bfdfaf72e948ee67a5a7f603ce9431b4c358ffef86fb652698d9a40032ac1076d676
SSDEEP: 49152:CzhR8hOasz51xzyh8cZZjCIySQX/yAmXjpheQSkKh9awekQbryOirdPOYgu9fV6h:q5X/h/ekTB3r96qVqGn6F6tPmyfM
Malware Config
Extracted
cryptbot
analforeverlovyu.top
twelvev12vt.top
url_path: /v1/upload.php
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes: 33bdffc930c645902c6642312a857460N.exe
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process: 33bdffc930c645902c6642312a857460N.exe