Analysis
-
max time kernel
120s -
max time network
96s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system -
submitted
07/11/2024, 15:52
Behavioral task
behavioral1
Sample
578adcf20ee5125e82a4944a220739e5830914e077a44d67fc69133023703b1eN.exe
Resource
win7-20241010-en
General
-
Target
578adcf20ee5125e82a4944a220739e5830914e077a44d67fc69133023703b1eN.exe
-
Size
83KB
-
MD5
a36bde69a8bcf622d9942fd4e12b02b0
-
SHA1
856350e454e35662e7324d26ad0c4a3ebbf70e79
-
SHA256
578adcf20ee5125e82a4944a220739e5830914e077a44d67fc69133023703b1e
-
SHA512
a873c47afe517b37c5827097c23ffed343ee26373e40c370821b277753141acb5e61e0bebf4d8d5d56afb1e05019e6b3429efadf52e80465c21da4043b163c50
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+hK:LJ0TAz6Mte4A+aaZx8EnCGVuh
Malware Config
Signatures
-
resource yara_rule
behavioral1/memory/2188-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2188-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2188-5-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/files/0x0016000000005587-11.dat upx
behavioral1/memory/2188-12-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2188-22-0x0000000000400000-0x000000000042A000-memory.dmp upx -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 578adcf20ee5125e82a4944a220739e5830914e077a44d67fc69133023703b1eN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
c0d0b632010bf3f82b666fda3fdf410f
SHA1
271592510c7755d5bd3f8c678a6e96f608e3c28c
SHA256
5e3e88c30f3c54e5d99dde4e853ed272c5e512ea8d14d9cea2827cc39ef03941
SHA512
dc5a962392f50dcb538afa8d9d34a8230826da1fe58e7baf574c95753f864bab00851e85603d651748976c58e9b728e13c52abaa3f0f75144c9761f1329dc34e