Analysis
-
max time kernel
110s -
max time network
93s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system -
submitted
07/11/2024, 10:50
Behavioral task
behavioral1
Sample
0dcccc24eddb4142aeb31911a614d87002de75433aabbd044dc227a0a9d379f1N.exe
Resource
win7-20241010-en
General
-
Target
0dcccc24eddb4142aeb31911a614d87002de75433aabbd044dc227a0a9d379f1N.exe
-
Size
83KB
-
MD5
9cef1f6df02e058eddfec6ec68df3710
-
SHA1
2be37e323dacc44550a98c32e8119feba22289b0
-
SHA256
0dcccc24eddb4142aeb31911a614d87002de75433aabbd044dc227a0a9d379f1
-
SHA512
fccb741beb935c3304792ec567b2f3dd325a214f3f2430ba625f0e94b79942bfe327552515d42ffbdf2c9ea3bd999d2200fb66be8f94cea8fb0696cbf4a89749
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+uK:LJ0TAz6Mte4A+aaZx8EnCGVuu
Malware Config
Signatures
-
resource yara_rule
behavioral1/memory/576-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/576-2-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/576-6-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/files/0x0005000000004ed7-12.dat upx
behavioral1/memory/576-13-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/576-23-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
0dcccc24eddb4142aeb31911a614d87002de75433aabbd044dc227a0a9d379f1N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
-
MD5
975befec1f1e77bbf29fd449103f1a55
-
SHA1
4e28932438243d8cb28e01c8c5f942405d723b1f
-
SHA256
fc7a8a07529ec3598a7a439aadc1cf6a07beb641dc07de4d98a8683a2e790633
-
SHA512
15fb7cd70799e39314321bfeef2bb3425bb6f97aefb546d374645ee9d26d7f430aef40fed1c0b2cc53ecea5328e160033723f8843fa3a0529f175d83640c85e3