Analysis
max time kernel: 118s
max time network: 118s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 11:32
Behavioral task: behavioral1
Sample: 8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780N.exe
Resource: win7-20240903-en
General
Target: 8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780N.exe
Size: 83KB
MD5: 5a514ac397b76830a39d7ab0c2f4a2e0
SHA1: 02e0164e1acb279238c4ebdec7ca2a4d6021eaed
SHA256: 8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780
SHA512: 09ea8a662eb69c5b74ca0810847a7acd8f803b1d85c8982d24cc8361fec2d199ecb0b4e0c89b0273a625a2b99146fe4767d036e9e75448bb25f72883e6742985
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+5K:LJ0TAz6Mte4A+aaZx8EnCGVu5
Malware Config
Signatures
resource  yara_rule
behavioral1/memory/1152-0-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/1152-1-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/1152-7-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/files/0x0005000000004ed7-11.dat  upx
behavioral1/memory/1152-14-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral1/memory/1152-22-0x0000000000400000-0x000000000042A000-memory.dmp  upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description  ioc  Process
Key opened  \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language  8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: c627540231e4851d5cf2a6b360c83f89
SHA1: f3bae5c061f10c560323ef1c47848440cbc05c74
SHA256: d3267ad8d0eb3f1ff3147373c3039500cf6af1fdc95eefa7ae1ed603f58683e5
SHA512: b4421148b5df06a4dcecaa7b4eef6784a44f961d771e1ca7f08410c0edcb3f009b59247ae98c1cccd3520d9f7372b38cf67e800820c69db07586fd3dfbcb919d