Overview

overview

7

Static

static

7

56b9dfc41f...5N.exe

windows7-x64

7

56b9dfc41f...5N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    110s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-09-2024 06:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    56b9dfc41fdd9b045064add33535a40cc2da0ae9786b92b949d77bb16e95f295N.exe

  • Size

    83KB

  • MD5

    314ce7e697f504bbe379347b696791a0

  • SHA1

    74bd12e6c205ce423b7cfbb083448b869b1431a1

  • SHA256

    56b9dfc41fdd9b045064add33535a40cc2da0ae9786b92b949d77bb16e95f295

  • SHA512

    4e814138240e880a240ec77f3480598e853e0cb9976f4af28a1d036ee31e6afb6bc5bdacd09b730f9d0a68f3b2e7c63468254cf7c22fb86eb4bca462e54eb280

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+NK:LJ0TAz6Mte4A+aaZx8EnCGVuN

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\56b9dfc41fdd9b045064add33535a40cc2da0ae9786b92b949d77bb16e95f295N.exe
    "C:\Users\Admin\AppData\Local\Temp\56b9dfc41fdd9b045064add33535a40cc2da0ae9786b92b949d77bb16e95f295N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4956

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-1a8nS7ZjsC5pRVAc.exe
    Filesize

    83KB

    MD5

    b604986406ca314f8acc4da4445179ea

    SHA1

    045cdeff655f3cf066705b4a9f96250c28a865af

    SHA256

    ba4d43ca9cf241980f5ccc380b3b001f6d520d69f2de5b8b06ea51ccae310f00

    SHA512

    3d4c0d20f0ebacd339aa74aeb7738d560d2e0b6ca403bdd596467a5ec09c0f849f54b7f70b490bb43397b04acbd4094adebec83358001887f9d4f4e053af0a8d

    Download Submit

  • memory/4956-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4956-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4956-4-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4956-8-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4956-15-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4956-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download