Analysis
max time kernel: 111s
max time network: 96s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 07/11/2024, 15:51
Behavioral task: behavioral1
Sample: bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bffN.exe
Resource: win7-20241010-en
General
Target: bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bffN.exe
Size: 83KB
MD5: a4f866f6c309b5c60e48d32578aacc70
SHA1: ef3ec3b9e13970764217f85ce0ce511d2488ba47
SHA256: bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bff
SHA512: 999f413fa5427133a0c03226d63c89684a1ffd0bc2bd99239f4d4a17321a1ca822363388ed405dbd7361bf2cba3fe74ea7c5067953063221414a57dc849c56e6
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+NK:LJ0TAz6Mte4A+aaZx8EnCGVuN
Malware Config
Signatures
yara_rule: upx
  matched resources:
    behavioral1/memory/2004-0-0x0000000000400000-0x000000000042A000-memory.dmp
    behavioral1/memory/2004-1-0x0000000000400000-0x000000000042A000-memory.dmp
    behavioral1/memory/2004-5-0x0000000000400000-0x000000000042A000-memory.dmp
    behavioral1/files/0x000b00000001225c-11.dat
    behavioral1/memory/2004-12-0x0000000000400000-0x000000000042A000-memory.dmp
    behavioral1/memory/2004-22-0x0000000000400000-0x000000000042A000-memory.dmp
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  ioc: Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  process: bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bffN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 7cb8b289630dbb5cf5ead46703301c5c
SHA1: a04d257aca62cceaa03ab82995fc39280bec723b
SHA256: a33d1252c2459f36d92ea92013b3ffdf88838c3caccab43dcc60b112fe70b6c1
SHA512: 3e85b84f6d31d0da92ac7b70e8b2a82829d854c74ab20df3ea89865b3e47979dbd53302cdca08521ce6fe955f6ed36cd99762fa3b09d5e7bec97f5fe7e9d5573