Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
19/09/2024, 09:20
Static task
static1
Behavioral task
behavioral1
Sample
5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe
Resource
win10v2004-20240802-en
General
-
Target
5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe
-
Size
10.9MB
-
MD5
886f374b93a77262b67a54f30e6041a8
-
SHA1
38bb5c1fc811978b010685ee1015493fc59fc1fb
-
SHA256
5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc
-
SHA512
e8be6b52f0ac3d907a3c5feb628bb936978bb70c2039ca8f2e25ade0ba0611b2cdd424e672907930cc4f0b062ace36ba983c01ba786c2e4f04e7e2df075db609
-
SSDEEP
196608:FUWWPa65SSJ7PbDdh0HtQba8z1sjzkAilU4I4:FUWW5J7PbDjOQba8psjzyz
Malware Config
Signatures
-
Downloads MZ/PE file
-
Loads dropped DLL 2 IoCs
pid Process 2496 5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe 2496 5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 2496 5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe"C:\Users\Admin\AppData\Local\Temp\5bb58b960ef454ee919d514552478e5029f88e32aa3e5134c02cdad938ab0afc.exe"1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2496
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2KB
MD5d2a688ce63b171d04bd7b1a84af6fe05
SHA1021ca33c674b141d8838d88ea40e69d929feb6d1
SHA2561cfc3111278a1e5745f5ebde20f19290ec3c51ed9e795d09fddb20c653d8cdbe
SHA512c87260267f3fc5e79aa1fbf1d5cc4497976d5f607f6644655cb69c1925c85f5ec3d2f5b0e0178dade06dde1fe50c3e335c9c1b54e0961c3fdaaf1aa2272d3a9a
-
Filesize
4KB
MD5249865c31552d7a201f44c8a68db87a8
SHA1b5579da35c86667b87d3df1f707726ffdc3b171b
SHA25682c07accfd7a8eb01867138deaf1215e7874b0369e1377cd210fa8cc0e86e2a5
SHA5126ebc0aa88fb3ca8132106992cc4a085af9643e5f14e87cf2021f3cbc1ad74dffd09dc116e99b963a0b867c0934263c1d990e867de3d649593c0433c4882cae98
-
Filesize
38B
MD5f60eb97eddaf662d717928b955f518fa
SHA1ebc9f395ce38e8776a995bcb2eafdce38026356b
SHA2564b896315ea3507d8aa15f391622213adeed3dd4ed7edb1207a3e55bc7de47a8a
SHA512ac09e29b98901c7fa5e480f8ca16e4c7405c4c79837ee4d7c6057a3133c2cc8d390a2537b630446139f1f46f7457eb03571f74043a8c72f0de7b22449156be28