Analysis

  • max time kernel
    111s
  • max time network
    96s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    07/11/2024, 10:41

General

  • Target

    47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7dN.exe

  • Size

    83KB

  • MD5

    0a368885d0b31cc9af17201cef4575b0

  • SHA1

    8c597f8c0d807a5738a1414b5a2800456019ba59

  • SHA256

    47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7d

  • SHA512

    2522a63e533c92dd1be464a89b06cec0d481cf909c87e7fea7912bfdf830f5f695321a74d18c7588c1976389145c69e4599a58ee002ba731e8f62f55c8d9c506

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+sK:LJ0TAz6Mte4A+aaZx8EnCGVus

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7dN.exe
    "C:\Users\Admin\AppData\Local\Temp\47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7dN.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:576

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-ORJ8EkTYQ88XdXCO.exe

          Filesize

          83KB

          MD5

          262cbedac57016dd46ff73c82d71cf43

          SHA1

          166040786ac022413132bec2469e8f3c7d9068cb

          SHA256

          c9003a1020249e79360ea1f1c2be5e5c64658e879ec2500c460b55bf3002167f

          SHA512

          5cebf99ceaf119c6b88eb84aac35a5aed87c20dba7c580baa4478267043fe4c43566e44d83877d03fb95358e8814758a3b7bd21eaacf8af9db049f75fa6a44c2

        • memory/576-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/576-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/576-5-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/576-12-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/576-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB