Overview

overview

7

Static

static

7

9c81c1a4ee...5N.exe

windows7-x64

7

9c81c1a4ee...5N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2024, 14:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9c81c1a4eea14c1d961627bea60b8a3b478bde0fe57574a85db76b276d3b1755N.exe

  • Size

    83KB

  • MD5

    734739d6403e014c9d91dfe6b366bdf0

  • SHA1

    53dcf85ba1a7c13b4d751b3f47313f03f35b2aa4

  • SHA256

    9c81c1a4eea14c1d961627bea60b8a3b478bde0fe57574a85db76b276d3b1755

  • SHA512

    2becd561965572f3dd558ec8995412627e39bba6b7b1ff51d4460582baa3dd03a2d6175936385ff303273232c445b276fbc8592a8d11789af3b5aa766253d975

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+zK:LJ0TAz6Mte4A+aaZx8EnCGVuz

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\9c81c1a4eea14c1d961627bea60b8a3b478bde0fe57574a85db76b276d3b1755N.exe
    "C:\Users\Admin\AppData\Local\Temp\9c81c1a4eea14c1d961627bea60b8a3b478bde0fe57574a85db76b276d3b1755N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2104

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-ZKDYMYvgjsQusq2K.exe
          Filesize

          83KB

          MD5

          6c99fdf515df9a357d0740b4a96a2b42

          SHA1

          63ad6cb3d44787149405279fff34931c4afea6de

          SHA256

          cef8f45176a5a42f8a1231d365b9256b388e33e19053d1e35ce19a4c9417d504

          SHA512

          49bef5f532cafbd0b63486988369c44d28bca823bfd8648265ed61abbc03d68c8f22150283b1acf722e0d6e5373f8ad9136420ffca4d0d038cb530e90767b01e

          Download Submit

        • memory/2104-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

          Download

        • memory/2104-2-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

          Download

        • memory/2104-6-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

          Download

        • memory/2104-13-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

          Download

        • memory/2104-23-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

          Download