Analysis
max time kernel: 110s
max time network: 93s
platform: windows7_x64
resource: win7-20241023-en
resource tags: arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
submitted: 07/11/2024, 10:29
Behavioral task: behavioral1
Sample: fd9cafbbe9030456d33ccd6dc79d09be75eadc32cf6bbfebfa84cf2d5ed824f2N.exe
Resource: win7-20241023-en
General
Target: fd9cafbbe9030456d33ccd6dc79d09be75eadc32cf6bbfebfa84cf2d5ed824f2N.exe
Size: 83KB
MD5: d9bac07746770f71203965469844e5c0
SHA1: 2e946d3070ba7064be5120269cb1d893ebc10ec7
SHA256: fd9cafbbe9030456d33ccd6dc79d09be75eadc32cf6bbfebfa84cf2d5ed824f2
SHA512: ee197083ed0bdc5d3b4035a9609a1eabf16316a6e279f8b1d67067878b2e4ce7bb827f9658494069572009023c3b8a545c93c95e44d8ce190d74d0d660917b30
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+nK:LJ0TAz6Mte4A+aaZx8EnCGVun
Malware Config
Signatures
-
resource: behavioral1
yara_rule: upx
Matches (the mapped image of PID 2536 at 0x400000-0x42A000, sampled at several points in the run, plus one dropped file):
behavioral1/memory/2536-0-0x0000000000400000-0x000000000042A000-memory.dmp
behavioral1/memory/2536-1-0x0000000000400000-0x000000000042A000-memory.dmp
behavioral1/memory/2536-5-0x0000000000400000-0x000000000042A000-memory.dmp
behavioral1/files/0x0005000000004ed7-11.dat
behavioral1/memory/2536-12-0x0000000000400000-0x000000000042A000-memory.dmp
behavioral1/memory/2536-22-0x0000000000400000-0x000000000042A000-memory.dmp
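The report's only static finding is the `upx` YARA hit on the in-memory image and on a dropped file. The script below is an added example, not part of the sandbox report or of its tooling: it recomputes the same hash set the report lists (MD5/SHA1/SHA256/SHA512 plus size) and checks a PE for the two well-known UPX indicators, the `UPX0`/`UPX1` section names and the `UPX!` packheader magic. The PE parser walks the real header layout (e_lfanew, COFF header, 40-byte section headers); `build_minimal_pe()` is a constructed header-only stub used so the block runs offline without a real sample, and the `.rsrc`/`.text` names in the demo input are just illustrative.

```python
"""Added example (not from the sandbox report): offline triage that recomputes
the report's hash set and flags the UPX packer signature in a PE file.

Assumptions: UPX0/UPX1 section names and the "UPX!" packheader magic are the
indicators checked; build_minimal_pe() emits a constructed header-only stub
(no optional header, no section data) purely for demonstration."""
import hashlib
import struct
from typing import Dict, List

UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b".UPX0", b".UPX1"}


def pe_section_names(data: bytes) -> List[bytes]:
    """Return the section names of a PE image ([] if the buffer is not a PE)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    # NT headers: "PE\0\0" signature followed by the 20-byte COFF file header.
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_of_optional = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_of_optional  # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                             # truncated table: stop rather than raise
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """True if the section names or the UPX! packheader magic point at UPX."""
    names = pe_section_names(data)
    return any(n in UPX_SECTION_NAMES for n in names) or b"UPX!" in data


def triage_hashes(data: bytes) -> Dict[str, str]:
    """The same hash set the report lists for the sample and the dropped file."""
    return {
        "size": str(len(data)),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def build_minimal_pe(section_names: List[bytes]) -> bytes:
    """Constructed PE stub: DOS header, PE signature, COFF header, section table.
    SizeOfOptionalHeader is 0, so the section table directly follows the COFF header."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew -> NT headers at offset 0x40
    # Machine=i386, NumberOfSections, TimeDateStamp, PtrToSymtab, NumSyms,
    # SizeOfOptionalHeader=0, Characteristics=EXECUTABLE_IMAGE|32BIT_MACHINE
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + table


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:
        blob = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"])  # constructed demo input
    print(triage_hashes(blob))
    print("sections:", pe_section_names(blob), "upx:", looks_upx_packed(blob))
```

Run it against the real sample and the dropped file to confirm the hashes match the report before doing anything else with them; a UPX hit on the dropped file as well as the main image is the cue to unpack both (e.g. `upx -d`, or a memory dump taken after the stub has finished) before static analysis.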
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of the victim host in order to infer its geographical location.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: fd9cafbbe9030456d33ccd6dc79d09be75eadc32cf6bbfebfa84cf2d5ed824f2N.exe
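The IoC above is a registry key open, so the detection side is object-access auditing rather than process or network telemetry. The block below is an added example (not from the report) of matching that IoC over audit records. It assumes Windows Security event 4656 ("A handle to an object was requested") with `ObjectType=Key`, which is what auditing emits when a SACL covers the key; the records themselves are constructed, tab-separated key=value lines, and the process names other than the sample's are illustrative. The one caveat worth encoding is that the sandbox reports the key under `ControlSet001`, while live hosts usually surface the same key through the `CurrentControlSet` link, so the pattern accepts both spellings.

```python
"""Added example (not from the sandbox report): match the System Language
Discovery IoC over constructed object-access audit records.

Assumptions: Security event 4656 with ObjectType=Key and the opened key in
ObjectName; records are tab-separated key=value lines built here for the demo."""
import re
from typing import Dict, List, Tuple

# The active control set appears as ControlSet00N (as in the report) or through
# the CurrentControlSet symbolic link; a detection has to accept either.
NLS_LANGUAGE_KEY = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(?:ControlSet\d{3}|CurrentControlSet)\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

SAMPLE_NAME = "fd9cafbbe9030456d33ccd6dc79d09be75eadc32cf6bbfebfa84cf2d5ed824f2N.exe"

# Constructed records (not real telemetry): the sample's open from the report,
# a benign CodePage read, a non-registry handle, and a CurrentControlSet variant
# from a hypothetical second process.
SAMPLE_EVENTS = [
    "EventID=4656\tObjectType=Key\tObjectName=\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language"
    "\tProcessName=C:\\Users\\Admin\\AppData\\Local\\Temp\\" + SAMPLE_NAME,
    "EventID=4656\tObjectType=Key\tObjectName=\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Control\\NLS\\CodePage"
    "\tProcessName=C:\\Windows\\explorer.exe",
    "EventID=4656\tObjectType=File\tObjectName=C:\\Windows\\System32\\kernel32.dll"
    "\tProcessName=C:\\Windows\\System32\\svchost.exe",
    "EventID=4656\tObjectType=Key\tObjectName=\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Control\\NLS\\Language"
    "\tProcessName=C:\\Users\\Admin\\Downloads\\stage2.exe",
]


def parse_event(line: str) -> Dict[str, str]:
    """Split one tab-separated key=value record into a dict."""
    fields: Dict[str, str] = {}
    for part in line.split("\t"):
        key, _, value = part.partition("=")
        fields[key] = value
    return fields


def find_language_discovery(lines: List[str]) -> List[Tuple[str, str]]:
    """Return (process, key) for every 4656 key-open of ...\\Control\\NLS\\Language."""
    hits: List[Tuple[str, str]] = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") != "4656" or ev.get("ObjectType") != "Key":
            continue
        if NLS_LANGUAGE_KEY.match(ev.get("ObjectName", "")):
            hits.append((ev.get("ProcessName", ""), ev["ObjectName"]))
    return hits


if __name__ == "__main__":
    for process, key in find_language_discovery(SAMPLE_EVENTS):
        print(f"language discovery: {process} opened {key}")
```

Many legitimate processes read locale information, so in production this match is a pivot rather than an alert on its own: join it with the process's other behaviour (here, the UPX-packed image and the dropped file) or restrict it to processes running from user-writable paths such as `%TEMP%`, as in the report.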
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: de811047cfb9dfb834113c2d77f1589a
SHA1: 8bd26241a9d9a28ff14aaefb402aa7f7d572a23d
SHA256: 68f481490bd40e0ada0b3e5c01bc31e4b683c3ed76599364543f519d04b34632
SHA512: 8e82801abea012db77eaaa17349e728fa32efe73ac43131a28c083013f3084b816c38df6b9acb78015cd1858b0e673fd8b01d6a4f0b747045d7a18c398d78187