Overview

overview

5

Static

static

5

8da78b527f...dN.exe

windows7-x64

5

8da78b527f...dN.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    110s
  • max time network
    93s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-10-2024 10:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8da78b527f9d7bf19548c2d6c03fdc5214ed81f70eaa2091f545d00218abe6edN.exe

  • Size

    83KB

  • MD5

    b6f1c95436fd7061e31e144db8e866b0

  • SHA1

    f1840597dc9c5a46521bd2f718ca74d74e5f7fdf

  • SHA256

    8da78b527f9d7bf19548c2d6c03fdc5214ed81f70eaa2091f545d00218abe6ed

  • SHA512

    874ac1fe358fc6806b04832ed80d52026199314e53e2aa519a01cd0a20f61cf6a686dd2e9617bb5d30fd1b8b3944cb2713d08b6ae5f0d6fff79dc827133beedf

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+WK:LJ0TAz6Mte4A+aaZx8EnCGVuW

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\8da78b527f9d7bf19548c2d6c03fdc5214ed81f70eaa2091f545d00218abe6edN.exe
    "C:\Users\Admin\AppData\Local\Temp\8da78b527f9d7bf19548c2d6c03fdc5214ed81f70eaa2091f545d00218abe6edN.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2208

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-qyxC6539rzC4rV5t.exe
    Filesize

    83KB

    MD5

    01e78613b27e981d54d49a940c8c5ef5

    SHA1

    79a15e2f02195d49ecc3cdb92e22489fdda53403

    SHA256

    61d66a30f4101cdd417f555efbbb785ec541c9ace38029b822b55ddfddb6d75a

    SHA512

    469f5d3362aa290b10d7900bac87edb7ceb06f1904908f753d0a2841d27f5de7dc571c520089094786c981884fd1dda70b0190fdb64553a0a99d58190beaed8f

    Download Submit

  • memory/2208-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2208-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2208-4-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2208-8-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2208-15-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2208-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download