Analysis

  • max time kernel
    111s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    07/11/2024, 10:41

General

  • Target

    47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7dN.exe

  • Size

    83KB

  • MD5

    0a368885d0b31cc9af17201cef4575b0

  • SHA1

    8c597f8c0d807a5738a1414b5a2800456019ba59

  • SHA256

    47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7d

  • SHA512

    2522a63e533c92dd1be464a89b06cec0d481cf909c87e7fea7912bfdf830f5f695321a74d18c7588c1976389145c69e4599a58ee002ba731e8f62f55c8d9c506

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+sK:LJ0TAz6Mte4A+aaZx8EnCGVus

Score
5/10

Malware Config

Signatures

  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7dN.exe
    "C:\Users\Admin\AppData\Local\Temp\47e0408c683faa696c1ef42be00d5f5c072a459cd34d3e80a8bfbb3616643a7dN.exe"
    • System Location Discovery: System Language Discovery
    PID:2116

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-E3HUnQH9Gbk1jWW0.exe

          Filesize

          83KB

          MD5

          d8c300e6c2cafce414d8d67ef4aabf8b

          SHA1

          0d09c891e75332eeb2978e558164428c6c87918b

          SHA256

          d1be57ea66176ca8a6d024e17d2495a326d00fddeeb67328a232e47c3b4d42d0

          SHA512

          651f8418973996e548e6f1da88abdb0402c58ce9ae8a73a5ff211bfed4959a46fb80fa65065ea1754d4fc69f00c77c9f879b887952939b2f7ac1393a025fd687

        • memory/2116-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2116-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2116-4-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2116-8-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2116-15-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2116-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB