Analysis
max time kernel
110s
max time network
92s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
09/11/2024, 11:06
Behavioral task
behavioral1
Sample
31d4e850366a415c394f28c11863a641d8e435b5f322a731bd30fb951d10dd73N.exe
Resource
win7-20240903-en
General
Target
31d4e850366a415c394f28c11863a641d8e435b5f322a731bd30fb951d10dd73N.exe
Size
83KB
MD5
8a2f27ac6f14a9373c34001569bcac80
SHA1
c94a8edb099f63bd53ac0934201f6e3aba6564e4
SHA256
31d4e850366a415c394f28c11863a641d8e435b5f322a731bd30fb951d10dd73
SHA512
57b926e8747d54568ed030336f89239f9eafbdc3f1e9d75a8939a635e4e75c12536da204b5de65024c4d104c235a5054d89c9d0f1fbf3e94a805c68178791abb
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+JK:LJ0TAz6Mte4A+aaZx8EnCGVuJ
Malware Config
Signatures
resource  yara_rule
behavioral1/memory/2844-0-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2844-1-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2844-5-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/files/0x0005000000004ed7-11.dat  upx
behavioral1/memory/2844-12-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/2844-22-0x0000000000400000-0x000000000042A000-memory.dmp  upx
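The `upx` rule above fires on the mapped image region (0x400000-0x42A000) and on a dropped file. As an added example, not code from the sandbox or from the report, the following Python walks a PE section table and reports the two cheapest UPX indicators (UPX0/UPX1 section names and the "UPX!" marker string) plus byte entropy as a packer heuristic. The PE buffers it runs on are constructed in the block itself (not the real sample), and `build_pe` is a test helper, not a real tool; the assumption that a memory dump of the image base still carries its headers is labelled in the comments.

```python
import math
import struct

# Added example, not part of the sandbox report: a minimal PE section-table
# walk plus the two cheapest UPX indicators (UPX0/UPX1 section names and the
# "UPX!" marker), with byte entropy as a packer heuristic.
# Assumption: a dump of the mapped image (the 0x400000-0x42A000 region the
# sandbox matched) usually keeps its PE headers, so the same walk applies.

SECTION_HEADER_SIZE = 40   # sizeof(IMAGE_SECTION_HEADER)
COFF_HEADER_SIZE = 20      # sizeof(IMAGE_FILE_HEADER)


def pe_section_names(data: bytes) -> list[str]:
    """Return section names from the PE section table, or [] if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 4 + COFF_HEADER_SIZE > len(data):
        return []
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 4 + COFF_HEADER_SIZE + opt_size
    names = []
    for i in range(num_sections):
        off = table + i * SECTION_HEADER_SIZE
        if off + SECTION_HEADER_SIZE > len(data):
            break                      # truncated table: stop, don't guess
        raw = data[off:off + 8].rstrip(b"\0")
        names.append(raw.decode("ascii", errors="replace"))
    return names


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; packed or encrypted payloads sit near 8.0, plain code lower."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def upx_indicators(data: bytes) -> dict:
    """Combine the section-name check, the marker string and entropy."""
    names = pe_section_names(data)
    return {
        "upx_sections": [n for n in names if n.upper().startswith("UPX")],
        "upx_marker": b"UPX!" in data,
        "entropy": round(shannon_entropy(data), 2),
    }


def build_pe(section_names: list[bytes], body: bytes = b"") -> bytes:
    """Constructed, non-executable PE-shaped buffer used as test input only."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)   # exactly 0x40 bytes
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + table + body


# Constructed inputs: a UPX-style layout and a plain one (not the real sample).
PACKED = build_pe([b"UPX0", b"UPX1", b".rsrc"], body=b"\0" * 64 + bytes(range(256)) + b"UPX!")
CLEAN = build_pe([b".text", b".rdata", b".data"], body=b"\x55\x8b\xec" * 32)

if __name__ == "__main__":
    for label, blob in (("packed", PACKED), ("clean", CLEAN)):
        print(label, upx_indicators(blob))
```

Section names and the marker are trivially renamed by anyone who rebuilds UPX, so treat them as a triage hint in the same spirit as the sandbox's `upx` rule; entropy near 8.0 across the whole image is the more robust sign that an unpacking step is needed before static analysis.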
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of the victim host in order to infer its geographical location.
description  ioc  Process
Key opened  \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  31d4e850366a415c394f28c11863a641d8e435b5f322a731bd30fb951d10dd73N.exe
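The single IoC above is a registry open of the NLS\Language key, which is how the sandbox maps the behaviour to System Language Discovery (ATT&CK T1614.001). As an added example, not part of the report, the Python below runs that detection over constructed sandbox-style registry events in the report's description / ioc / process layout. It normalises ControlSetNNN to CurrentControlSet and strips the user SID so one rule covers the variants; the NLS\Locale and HKCU\Control Panel\International keys are added here as further locale sources the same technique reads, and are an assumption beyond the one key the report shows.

```python
import re
from collections import Counter

# Added example, not part of the sandbox report: a detector for ATT&CK
# T1614.001 (System Language Discovery) over constructed registry events.
# The report shows only HKLM\...\NLS\Language; the Locale key and the HKCU
# "Control Panel\International" key are additional locale sources (assumption).

SAMPLE = "31d4e850366a415c394f28c11863a641d8e435b5f322a731bd30fb951d10dd73N.exe"

# Constructed events in the report's "description / ioc / process" layout.
SAMPLE_EVENTS = "\n".join("\t".join(row) for row in [
    ("Key opened", r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language", SAMPLE),
    ("Key opened", r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion", SAMPLE),
    ("Key value queried",
     r"\REGISTRY\USER\S-1-5-21-1234-5678-9012-1001\Control Panel\International\LocaleName",
     "notepad.exe"),
    ("Key opened", r"\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\NLS\Locale", "svchost.exe"),
])

LANGUAGE_DISCOVERY_KEYS = (
    r"HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\NLS\LANGUAGE",
    r"HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\NLS\LOCALE",
    r"HKCU\CONTROL PANEL\INTERNATIONAL",
)


def normalize_key(path: str) -> str:
    """Fold native-format registry paths into hive-prefixed, upper-case form."""
    key = path.upper()
    key = re.sub(r"^\\REGISTRY\\MACHINE", "HKLM", key)
    key = re.sub(r"^\\REGISTRY\\USER\\[^\\]+", "HKCU", key)          # drop the SID
    key = re.sub(r"\\CONTROLSET\d{3}\\", r"\\CURRENTCONTROLSET\\", key)
    return key


def is_language_discovery(key: str) -> bool:
    """True when the key is one of the locale keys or lies beneath one."""
    k = normalize_key(key)
    return any(k == base or k.startswith(base + "\\") for base in LANGUAGE_DISCOVERY_KEYS)


def detect(events: str) -> list[dict]:
    """Return one finding per registry event that touches a locale key."""
    findings = []
    for line in events.splitlines():
        parts = line.split("\t")
        if len(parts) != 3:
            continue                                   # malformed row: skip
        description, ioc, process = parts
        if description.startswith("Key") and is_language_discovery(ioc):
            findings.append({"process": process, "key": normalize_key(ioc),
                             "technique": "T1614.001"})
    return findings


def by_process(findings: list[dict]) -> dict:
    """Count findings per process, the view an analyst triages from."""
    return dict(Counter(f["process"] for f in findings))


if __name__ == "__main__":
    hits = detect(SAMPLE_EVENTS)
    for h in hits:
        print(h)
    print(by_process(hits))
```

Locale lookups are routine in benign software (the constructed notepad.exe and svchost.exe rows fire too), which is why the report scores this as a single weak IoC; use it to corroborate a verdict, or to look for the pattern where a sample reads the language key and then exits on a particular locale, rather than as a standalone alert.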
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
83KB
MD5
dfb0d7bb4ff0f4beba6ffc3dc60447ef
SHA1
476a22098a5dbe42aa165c18be85c147fd06654e
SHA256
fdeadf18d1b12a78ec050b6d1595ff1a6a7d7b374103243695d5f9a3c4cf0c17
SHA512
92fe1c8fd0314e31cbf90436a1fdf41fdd40f509e2d5fa45637c37d8a0e978cd1b2ce85a3a287f9ae98e16c627f5e7f7a27fc73b919a0f4505fed84ee72cb00f