Analysis

  • max time kernel
    110s
  • max time network
    93s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
  • submitted
    09/10/2024, 10:37

General

  • Target

    ef135770be79c143c4c93e925c9b09e4906ca623f9554c7dbb520528a9dd11a8N.exe

  • Size

    83KB

  • MD5

    adc26054bc4c315f3a9d04c0b96eeb20

  • SHA1

    a43cf6d588ff58c15ee2a9462dcebb610234df3b

  • SHA256

    ef135770be79c143c4c93e925c9b09e4906ca623f9554c7dbb520528a9dd11a8

  • SHA512

    4e332b349418bd83e1f0ee5c17de085701431f439b95bfff1916eeb6d91eb97e31b1dcff30bee64f9a437c73ed45ce54c5b72c0368b995e0d569644f262ed808

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+FK:LJ0TAz6Mte4A+aaZx8EnCGVuF

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\ef135770be79c143c4c93e925c9b09e4906ca623f9554c7dbb520528a9dd11a8N.exe
    "C:\Users\Admin\AppData\Local\Temp\ef135770be79c143c4c93e925c9b09e4906ca623f9554c7dbb520528a9dd11a8N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2692

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-idLb41zusuHSrcuG.exe

          Filesize

          83KB

          MD5

          9cf154fc83c52b4c3684535587b41436

          SHA1

          b3e7b7b6fe95d8fc591fc178d12f5a50663b87c8

          SHA256

          e081a123fdc85504f111eee435fce8adb6cdf8052b6e632b5a57a4bc8f755b53

          SHA512

          d5d85ff801e8053de1427ec75bb60af0286a76f0eae45c3fb43e9e1a6fbd8b79402109dd9c44d38ad3d41ef514361096b027b6c889c69326d0225a4b7157a776

        • memory/2692-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2692-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2692-5-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2692-12-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2692-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB