Analysis
-
max time kernel
110s -
max time network
93s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
07/11/2024, 15:39
Behavioral task
behavioral1
Sample
81bb6755e982ea88afedb23d6c279b9da7533d340ab9646eb9d6b88bf09954f8N.exe
Resource
win7-20240903-en
General
-
Target
81bb6755e982ea88afedb23d6c279b9da7533d340ab9646eb9d6b88bf09954f8N.exe
-
Size
83KB
-
MD5
14114c7db5254135552258d7fe997b60
-
SHA1
1544f5f75bccf892c6280891187b27c6df28e985
-
SHA256
81bb6755e982ea88afedb23d6c279b9da7533d340ab9646eb9d6b88bf09954f8
-
SHA512
52f82340745b84ad14ffa8f384dc07ddf969aecf46fc484f2db5273bf5faabb2c6ea4e7e4e2dc51ab2f3bdb99f2e0e8e76ec5daf97150c7ab4804769ec123b14
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+pK:LJ0TAz6Mte4A+aaZx8EnCGVup
Malware Config
Signatures
-
resource yara_rule
behavioral1/memory/2444-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2444-2-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2444-6-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/files/0x000d00000001226b-13.dat upx
behavioral1/memory/2444-16-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2444-23-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
81bb6755e982ea88afedb23d6c279b9da7533d340ab9646eb9d6b88bf09954f8N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
ceb99d444c4b439259202495650c3884
SHA1
dbb67d84b907ee64962c6d340186051e5f4e4b1a
SHA256
db2235da9829a0da02997024d355a5ab9e7c6f8241bc270dddbfdbad770bfa1c
SHA512
23a08d727cec825afec506bfc8e4831b6ccac9f40e56af8bb9c3ded44856f7c7109affa376127021ecbb8ab02f95526aed34b84631406a05777f8542bf437e17