Analysis
-
max time kernel
11s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
15-09-2024 13:00
General
-
Target
supermain.exe
-
Size
541KB
-
MD5
2f61a2fdad0599146e7546d577d3772d
-
SHA1
281a57e57f2b415c35d5808f890da7e172a1a281
-
SHA256
2ab5dd6218935db97e71e5578ceaa8f87ef7ac30574216662dc6c040136ff5cf
-
SHA512
2830d7d546177138e0f6d2f02a47abe3bfbc05d776ea81780f0f605fe458811c67124e34cb135652f1e6a5a72b62a99640bca8796a3c9fd0360b50b3fe808dc3
-
SSDEEP
12288:GCWMqsBLwNQD8gABE3u5p+hY/4ewg2ZNaKCmWyOfoJVtKtnjWGuWgbHOuSMqT/Yd:XuSOfgAB0
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\supermain.exe"C:\Users\Admin\AppData\Local\Temp\supermain.exe"1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
\Users\Admin\AppData\Roaming\d3d9x.dllFilesize
371KB
MD52ff20dbe19667e77f238a01566fc653f
SHA135693bb2faac7d54ed23166566fab71b3b80c13d
SHA25647e379e2a7d821fa5542b944ce54f3bf0e7465b8b5db7c603891386f336e6322
SHA512d1cc086305a9a4b29b27244a35a801a5610491ab23f346caea059ddbb224bf869a0f8a03aa2ae27e9a5301f0082feacdc7e44b6c720b41e1dc908acb84e77094
-
memory/1120-0-0x000000007401E000-0x000000007401F000-memory.dmpFilesize
4KB
-
memory/1120-1-0x0000000000D10000-0x0000000000D9E000-memory.dmpFilesize
568KB
-
memory/1120-6-0x0000000075E40000-0x0000000075F01000-memory.dmpFilesize
772KB
-
memory/1120-7-0x0000000074010000-0x00000000746FE000-memory.dmpFilesize
6.9MB
-
memory/1120-8-0x0000000074010000-0x00000000746FE000-memory.dmpFilesize
6.9MB