Analysis

  • max time kernel
    110s
  • max time network
    94s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240729-en locale:en-us os:windows7-x64 system
  • submitted
    09/11/2024, 13:47

General

  • Target

    5f2715dff5cb8375fda66360f5ad95f3f4cb554dc34e1fef7652b6279ece1376N.exe

  • Size

    83KB

  • MD5

    746b2f1e783cb43263a5e6c2501ab170

  • SHA1

    6160894a2acaf8e2da292055e9843f2cedcec95a

  • SHA256

    5f2715dff5cb8375fda66360f5ad95f3f4cb554dc34e1fef7652b6279ece1376

  • SHA512

    51c1915e51e41d977e5f9645b0c56a16606b4942a9ef29a6c297064ac909b89ad4ce9ad714bf03a59461341b4c6af2ed759b8c3633743a2548bec16b2eec08ee

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+UK:LJ0TAz6Mte4A+aaZx8EnCGVuU

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\5f2715dff5cb8375fda66360f5ad95f3f4cb554dc34e1fef7652b6279ece1376N.exe
    "C:\Users\Admin\AppData\Local\Temp\5f2715dff5cb8375fda66360f5ad95f3f4cb554dc34e1fef7652b6279ece1376N.exe"
    • System Location Discovery: System Language Discovery
    PID:1824

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-n03ma3C0aWhko6Lj.exe

          Filesize

          83KB

          MD5

          185ce07eb73d259509b81294d4611f53

          SHA1

          30d37df821f75a32bc02d67c5b702c7d2267b6f3

          SHA256

          92cdec66751bad23a958a9d4646e7777ab4fcb7e88385442620fb3ad7d739819

          SHA512

          69ca9f9b58c19bc8e7bb92ae1f663204abfe953bed528cf6d8dd9acfcfad6c8a436945d952b09aedcd1f5f5f0e89be26837b4d90a2026fe63834dac61f8d9de8

        • memory/1824-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/1824-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/1824-7-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/1824-14-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/1824-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB