Overview

overview

7

Static

static

7

413894628b...2N.exe

windows7-x64

7

413894628b...2N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    110s
  • max time network
    92s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 17:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    413894628b006c8160cd1669618d65df42b3fa16af95f160d204369112c36e92N.exe

  • Size

    83KB

  • MD5

    c3dca5a7bb69898197aa8b6d97b7a590

  • SHA1

    f9819d698f56c98aa04d04ff6783aad618f8f673

  • SHA256

    413894628b006c8160cd1669618d65df42b3fa16af95f160d204369112c36e92

  • SHA512

    5b4d5a6d83f59567f37826e880b1e92447dde0c01573b32e2bda5af0e2b130e8c1169ecef1fe9de23de4632636e2295a5be70084d00c3fbaaebf1fe2bc4d32d0

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+8K:LJ0TAz6Mte4A+aaZx8EnCGVu8

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\413894628b006c8160cd1669618d65df42b3fa16af95f160d204369112c36e92N.exe
    "C:\Users\Admin\AppData\Local\Temp\413894628b006c8160cd1669618d65df42b3fa16af95f160d204369112c36e92N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3052

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-krXqPYQDJL908X1J.exe
    Filesize

    83KB

    MD5

    71e8e5ddcc5f8760717b529285e9ec7b

    SHA1

    bb58530eb423e621a036b3668ba5c774ef9456d4

    SHA256

    4fc40428e86ceeec859c722dee0c7b0a896f2a615bef265b05f31683fd2e0673

    SHA512

    4247db4a55e2517b1e9b25372a4c2ec6bf7182a1c3b700a26f589c0b1987432c0ab4803ae176da83d1c3a74fc90f559ae38fe6ebd7c7c0cad5873b27752a2b85

    Download Submit

  • memory/3052-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/3052-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/3052-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/3052-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/3052-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download