Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-10-2024 21:39

General

  • Target

    617bce7ff2b080b7839d8b1a99eebe44e25834902c106c237c0a36264a14f41c.exe

  • Size

    230KB

  • MD5

    975e9b53538e129219e9c4ffd6ef4167

  • SHA1

    3fb4f3517d7004cf4696334aa116003765a715b3

  • SHA256

    617bce7ff2b080b7839d8b1a99eebe44e25834902c106c237c0a36264a14f41c

  • SHA512

    f29d5497ffb0a5fa0ea15d85b4f96e40aa527319aa812f9be2e44a5e058f36a1e2621e09445ebc72a00ec440ebae6579accb12d5fd09e7f1f843f03863f704d5

  • SSDEEP

    6144:B0rsn91Wi08wIeSr1OpgIaIbIZFtHhlD1b+h49YONnx+Qrvm:BZ91Wi08MpgMEqh49YONnx+Qrvm

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\617bce7ff2b080b7839d8b1a99eebe44e25834902c106c237c0a36264a14f41c.exe
    "C:\Users\Admin\AppData\Local\Temp\617bce7ff2b080b7839d8b1a99eebe44e25834902c106c237c0a36264a14f41c.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Roaming\msvcp110.dll

    Filesize

    349KB

    MD5

    04f4aeb958d201d5decc4a71d6dc530e

    SHA1

    559cfbf06e715264a25e75e3c52c26ac25556f35

    SHA256

    7bec3f52cdd477d3823619e315b144ab55614285e10ae15061833f589e0e2378

    SHA512

    d2c2aba810e7f0f97b8e4db71869edb1513e9bae0388115d2f7a57b0dc4683939efa04a3e7449ab18179c1e9a253c792956d41f41404e7fa985227f3b76cdf71

  • memory/348-0-0x00000000747AE000-0x00000000747AF000-memory.dmp

    Filesize

    4KB

  • memory/348-1-0x0000000001270000-0x00000000012B4000-memory.dmp

    Filesize

    272KB

  • memory/348-2-0x00000000004C0000-0x00000000004C6000-memory.dmp

    Filesize

    24KB

  • memory/348-7-0x0000000075AD0000-0x0000000075B91000-memory.dmp

    Filesize

    772KB

  • memory/348-8-0x00000000747A0000-0x0000000074E8E000-memory.dmp

    Filesize

    6.9MB