Analysis
max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
07/11/2024, 10:45
Behavioral task
behavioral1
Sample
0f755db920162611c515bdf80383a3314f0334843c722c6a240a1c49e490b9dfN.exe
Resource
win7-20240903-en
General
Target
0f755db920162611c515bdf80383a3314f0334843c722c6a240a1c49e490b9dfN.exe
Size
83KB
MD5
39a9205557e7a825dcd96ee2dcc963f0
SHA1
26182e759f5962affe3e5cc4238d439a53671e91
SHA256
0f755db920162611c515bdf80383a3314f0334843c722c6a240a1c49e490b9df
SHA512
b97a305ce723f8910704ff667ad6251a474f2bf7315630bd428c632903e663cd91d468562317fc4198c91d8f50308a141bfc298eba1f29b00e0c1e11ef9536ae
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+LK:LJ0TAz6Mte4A+aaZx8EnCGVuL
Malware Config
Signatures
resource  yara_rule
behavioral1/memory/2672-0-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2672-1-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2672-7-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/files/0x0008000000012118-11.dat  upx
behavioral1/memory/2672-14-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2672-22-0x0000000000400000-0x000000000042A000-memory.dmp  upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
0f755db920162611c515bdf80383a3314f0334843c722c6a240a1c49e490b9dfN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
83KB
MD5
8bf30eaffa2889547e16c8e12c5e05f0
SHA1
25586049376a8e21214e2c60383fee4e5a7a04e5
SHA256
e025f9b02c80576dec7e690f72a7988cdf6bf94ce0036d25a9127efa0cc3923d
SHA512
8463dced4dc7188b49b4d265c84db1f892bd0b775b9f3456beefc2a270bc8eb60dc1c7b7602e36ed362bf2780daf098d04ef72beb1d74cfea6f4514154ea8d14