Overview

overview

5

Static

static

5

3aa2352975...9N.exe

windows7-x64

5

3aa2352975...9N.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2024, 00:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3aa2352975bf3d62339b630fa69d01da5661e82577d2bc18154f7117438751c9N.exe

  • Size

    236KB

  • MD5

    3005ffd5b1f7fbd387f105a76a9c3ab0

  • SHA1

    ef1c816769a8556e2df1000f4b4eda1a458dd92d

  • SHA256

    3aa2352975bf3d62339b630fa69d01da5661e82577d2bc18154f7117438751c9

  • SHA512

    b56f2bd585ef8e10865a4ff4994193c09a582f87fa3d8c2631c791af6f94b36ae8e1dca49a97d555e89a6ef2345f39ee14ce7277804a75c7cc096232c240bb7b

  • SSDEEP

    3072:qJ0Bs3o8A4M3riN6MhGkgS3PL6pb9t16n5OkhBOPC/4/FnncroP9:+wDeM7iNEkgiOb31k1ECGJ/F

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\3aa2352975bf3d62339b630fa69d01da5661e82577d2bc18154f7117438751c9N.exe
    "C:\Users\Admin\AppData\Local\Temp\3aa2352975bf3d62339b630fa69d01da5661e82577d2bc18154f7117438751c9N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2644

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-I8WQtnMtcV60PiZk.exe
    Filesize

    236KB

    MD5

    4bd8b55bb9649b2e7be7c5dd4cdd75d3

    SHA1

    03b73f12967a541243f7cf9a88e91cd9b5439d89

    SHA256

    0a25523ee443e2166c38c1a58dda4091f23a179b7e49848dfa2281a336711b55

    SHA512

    350bee836f986752a9cc772da0e63bbc39c23def4fe0c0e34dc93ee4a9e83c77ba89008986cb9de448ba310ad038628f818e55ea7138fd61dc604be160ed18d5

    Download Submit

  • memory/2644-0-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

    Download

  • memory/2644-1-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

    Download