Analysis
-
max time kernel
141s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
13/10/2024, 14:23
General
-
Target
CP.exe
-
Size
144KB
-
MD5
6f89165e8e53a7de51c54170440342ec
-
SHA1
6612ad167a9c2ea0fb44c753d16c10cdef85784e
-
SHA256
232cdd08c71762498d0dae0be75eb783dc64be139b7ba399ac239f4de1310962
-
SHA512
a689b30ef9368d070064c4eadc3c87b296cd9147da780aec136e9a0ba6e77c97ad2652ab3d43caccce1262465b7b57e1ce28152e49e31c87d96e505c9ad200f3
-
SSDEEP
3072:xMvszDYP4BVhalTQ9jAvfr94n0VNbmCXzzClkfoOCSdsCnKiI:m0zDYsV6TcjsfqnENiCXvClkQXSWCnZI
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 2 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\CP.exe"C:\Users\Admin\AppData\Local\Temp\CP.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c pause2⤵
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
404KB
-
Filesize
12KB
-
Filesize
12KB
-
Filesize
404KB