Analysis

  • max time kernel
    110s
  • max time network
    101s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    07/11/2024, 15:23

General

  • Target

    948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70N.exe

  • Size

    83KB

  • MD5

    0e31b672618aaaedb26578fb7d486ff0

  • SHA1

    906e67d9e8df0815fe66190eb9e492b074ab3159

  • SHA256

    948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70

  • SHA512

    cd285598815e5e807f8c4c88d4949fd994c7ee5d8c7004f3a161e8836d913fa96825e45ebc184c81b57bfa191ea114875f4fe6546e300bfaf8e0bf97140b66bf

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+JK:LJ0TAz6Mte4A+aaZx8EnCGVuJ

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70N.exe
    "C:\Users\Admin\AppData\Local\Temp\948bd5ef4f06c65f0c4331af15e2103297a206cb3b012ce61a59ea8783ea1b70N.exe"
    • System Location Discovery: System Language Discovery
    PID:2300

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-t2EIX4HegDK0BXWG.exe

          Filesize

          83KB

          MD5

          99f3aa427383c2c3ee090f9f5c84416f

          SHA1

          b735a257ee08e7dcdedfde6c3445a6cd0463a1c5

          SHA256

          2c353a4119fec271ae3616e456f498d1c3a53be2f2da48fa6e7016f814f93507

          SHA512

          f4b3eb8a93367df7b217af3885ebb6cf0a01f86507e7e7735e586eef069b8c63e5572e6bec79c6bcac7296a053b88ee5bd47961aff1d29adea6e27d5687f97c6

        • memory/2300-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2300-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2300-5-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2300-15-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2300-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB