Analysis
max time kernel
121s
max time network
146s
platform
windows7_x64
resource
win7-20240704-en
resource tags
arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted
05/10/2024, 17:55
Static task
static1
Behavioral task
behavioral1
Sample
af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
Resource
win10v2004-20240910-en
General
Target
af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
Size
11.0MB
MD5
b2373602238b8834adf249708d2ff697
SHA1
8e19369671dffcb5f77638f2954dced18f6d5b3b
SHA256
af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137
SHA512
4a71cec4f0b0d8ec04195400645745f4e14ca120c526dbfadb7a378179a09cbbf81625717bfc20599e7d4a993f85367fddb4ea2ff79ab927f9a2f6ed3a2be734
SSDEEP
196608:5lAWWOUJYS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:56WtUJYRrDjtLKkOa8ps6puAktIz
Malware Config
Signatures
Downloads MZ/PE file
Loads dropped DLL 2 IoCs
pid: 2248, Process: af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
pid: 2248, Process: af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened, ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language, Process: af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
Suspicious use of SetWindowsHookEx 1 IoCs
pid: 2248, Process: af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
Processes
C:\Users\Admin\AppData\Local\Temp\af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
"C:\Users\Admin\AppData\Local\Temp\af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe"
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID: 2248
Network
MITRE ATT&CK Enterprise v15
Downloads