0e4216c155b23b0f6e58a0dffb41c44fecc8b84ad9e6d8cde5d4869b73c0c7f6

Analysis

max time kernel
95s
max time network
99s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
12/09/2024, 14:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

86ed3ac881f9ef0e42014efe5234af50N.exe
Size

31KB
MD5

86ed3ac881f9ef0e42014efe5234af50
SHA1

5f6863b5cbb57d3d32ad5f59df2396b6867afd81
SHA256

0e4216c155b23b0f6e58a0dffb41c44fecc8b84ad9e6d8cde5d4869b73c0c7f6
SHA512

f8186941d1593e85edc4d2596addd9ab5258a7d2de7ff4076519ba637ed6ef37e56199faa925ee5588afcdcaeb4894b0c3bff4e4e5e648fe8ec80820436f5948
SSDEEP

768:ITRfpN0pOy3OzeXmOGXbJOlB2vsLCik5dAy7b6lS2d47:IHzzeWHXbJGB2EOik5h36lB47

Score

7^/10

discovery upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/2332-0-0x0000000000400000-0x000000000041A000-memory.dmp	upx
behavioral2/files/0x00080000000234de-5.dat	upx
behavioral2/memory/2332-101-0x0000000000400000-0x000000000041A000-memory.dmp	upx

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	86ed3ac881f9ef0e42014efe5234af50N.exe

C:\Users\Admin\AppData\Local\Temp\86ed3ac881f9ef0e42014efe5234af50N.exe
"C:\Users\Admin\AppData\Local\Temp\86ed3ac881f9ef0e42014efe5234af50N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2332

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\My Downloads\Squad Battles Eagles Strike Key Generator.exe

Filesize
31KB

MD5
3a5c8bc5a8cfd01dfbd1cd5c3800ff3b

SHA1
2caf46227059d4da9640616804cc86517d36e4ef

SHA256
a4345b1f1718df38575745d00367a0ae35d0deeb1a121f52020269251249362d

SHA512
b47ef2a0ae5b9a71234c5e9f00c3955524be7eaeaaeaaa0ddd2b68072f61a54c303b3b55817ef21bfbafedcb34a22c92e5d05a08eeff4e31f6470769948e18ca

Download Submit
memory/2332-0-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download
memory/2332-101-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download