Overview

overview

7

Static

static

3

81b1519c96...87.exe

windows7-x64

7

81b1519c96...87.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    31-10-2024 08:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587.exe

  • Size

    3.7MB

  • MD5

    f03d5f46a5ddc0f5566e9ef986ea73d3

  • SHA1

    0ab62819a6c50d062fa3eab6b31c4891198ef070

  • SHA256

    81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587

  • SHA512

    e4925d7a944f0f2397e5cc7d507cad937700a8abde8be668834492df455c5b63799ad5e3a94518b8b82d49fc2c3a0576e0971dd9d54ddd28178b3c448d53df45

  • SSDEEP

    49152:Z5DNHI/59uMDwiMdQycjd25mPmRF2gGenHd/cb4mm30bCV7uUKTT8heQpwTI+8x6:hB9tR2en9/h8bV2wk+IC

Score
7/10
discoveryevasion

Malware Config

Signatures

  • Identifies Wine through registry keys 2 TTPs 1 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587.exe
    "C:\Users\Admin\AppData\Local\Temp\81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587.exe"
    1⤵
    • Identifies Wine through registry keys
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:2080

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads