Analysis

  • max time kernel
    110s
  • max time network
    95s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    09/11/2024, 11:13

General

  • Target

    e87ab4953c914a2a753b6155dc5dd33ce1b0eeede846ae96cf99cc64e1c39d75N.exe

  • Size

    83KB

  • MD5

    23f6882a2ff6d3173079895f1d282030

  • SHA1

    26a8fd1412228b153661a4308f107d3b3e9c273a

  • SHA256

    e87ab4953c914a2a753b6155dc5dd33ce1b0eeede846ae96cf99cc64e1c39d75

  • SHA512

    be09f56cf3a1fd312abe725fbb81d7359feb3966443dfb52cd11a9146c50a478adcbaa0dcc0856235fcca2be9d7c034e3128160f6ce65cf19f939a20ac9332c5

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+DK:LJ0TAz6Mte4A+aaZx8EnCGVuD

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\e87ab4953c914a2a753b6155dc5dd33ce1b0eeede846ae96cf99cc64e1c39d75N.exe
    "C:\Users\Admin\AppData\Local\Temp\e87ab4953c914a2a753b6155dc5dd33ce1b0eeede846ae96cf99cc64e1c39d75N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2236

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-5X3egvhMIaqfDW93.exe

          Filesize

          83KB

          MD5

          941572bb68330076e757e2cc09e4f98e

          SHA1

          542809888bd763ae6fe36b6a382cda9c9d7c7c35

          SHA256

          907e046f60baf7e84010eaea3bda09f6a6297fac2e3cfe1467415dcbf3708c90

          SHA512

          800519d3fa2925e28481bfe8653836ad30a36729ce0416b0eb97789985b5d52c2d9cd56123065533b6b82bbc339cfd1ce6d99c38c76202c511ce824659142b7a

        • memory/2236-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-6-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-12-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB