Analysis
max time kernel: 110s
max time network: 101s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 07/11/2024, 15:23
Behavioral task: behavioral1
Sample: 948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70N.exe
Resource: win7-20240903-en
General
Target: 948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70N.exe
Size: 83KB
MD5: 0e31b672618aaaedb26578fb7d486ff0
SHA1: 906e67d9e8df0815fe66190eb9e492b074ab3159
SHA256: 948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70
SHA512: cd285598815e5e807f8c4c88d4949fd994c7ee5d8c7004f3a161e8836d913fa96825e45ebc184c81b57bfa191ea114875f4fe6546e300bfaf8e0bf97140b66bf
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+JK:LJ0TAz6Mte4A+aaZx8EnCGVuJ
Malware Config
Signatures
resource                                                                    yara_rule
behavioral1/memory/2300-0-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2300-1-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2300-5-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/files/0x0004000000004ed7-12.dat                                 upx
behavioral1/memory/2300-15-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2300-22-0x0000000000400000-0x000000000042A000-memory.dmp upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 99f3aa427383c2c3ee090f9f5c84416f
SHA1: b735a257ee08e7dcdedfde6c3445a6cd0463a1c5
SHA256: 2c353a4119fec271ae3616e456f498d1c3a53be2f2da48fa6e7016f814f93507
SHA512: f4b3eb8a93367df7b217af3885ebb6cf0a01f86507e7e7735e586eef069b8c63e5572e6bec79c6bcac7296a053b88ee5bd47961aff1d29adea6e27d5687f97c6