Analysis
max time kernel: 110s
max time network: 98s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 07/11/2024, 10:18
Behavioral task
behavioral1
Sample
3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099N.exe
Resource
win7-20241010-en
General
-
Target
3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099N.exe
-
Size
83KB
-
MD5
a2d2f16f1b48a1e7d739e69e50b72250
-
SHA1
309d4f961e860a42fbfea99110bc39a59121485d
-
SHA256
3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099
-
SHA512
698d255f479535601f0913968223f3fa6d948becd1208d6e5534c1d5e91507cbd4410afc9d2bea0a3983bd8dee2cde04ac4ed5a66dff05691195600c88b74267
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+sK:LJ0TAz6Mte4A+aaZx8EnCGVus
Malware Config
Signatures
-
resource    yara_rule
behavioral1/memory/2060-0-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral1/memory/2060-1-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral1/memory/2060-5-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral1/files/0x000a000000012238-11.dat    upx
behavioral1/memory/2060-12-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral1/memory/2060-22-0x0000000000400000-0x000000000042A000-memory.dmp    upx
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
d311b8558d1854fe6eb37d77d2aef6f8
SHA1
4385799f4f33c81cc5944766bfaae8a8d1911b6a
SHA256
b41328e577983ff26c32df93bf7ac846cb85af81cd4c3045a0a62d07812a4b0d
SHA512
e57617f74863fae44aa147a9460be1dce730e5c07d0d0543382595f48ca574800b6b63a8127897176d6c4d62aabaec2efb39d4b4e0fa3e2af1aa2e595be75824