Analysis

  • max time kernel
    110s
  • max time network
    94s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    09/11/2024, 13:49

General

  • Target

    f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3dN.exe

  • Size

    83KB

  • MD5

    d7664485e73f30aa2d07555611e1bdf0

  • SHA1

    d7de881fb938339e7b08ee53b1b6a4d8c70e96f2

  • SHA256

    f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3d

  • SHA512

    01ef23894e9171703060a2f9565db29e070276c21ac33bb32703e33486ccc11d9ef45b456a1f6cdd7f4d97e3d68cddb6e07b5c774587ad856d506bf25ceb81e8

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+9K:LJ0TAz6Mte4A+aaZx8EnCGVu9

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3dN.exe
    "C:\Users\Admin\AppData\Local\Temp\f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3dN.exe"
    • System Location Discovery: System Language Discovery
    PID:2236

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-ZNbaViF4odOOeNH3.exe

          Filesize

          83KB

          MD5

          358a922680a1bc33f30fb115ca6cef0f

          SHA1

          35c38bde2aee8e406ffd67cb6c99464ca96e8889

          SHA256

          1fbf808de2d337347e4b786f1933b2acb124d9b51d9b5864e8104c1e8c7096f5

          SHA512

          5037a07a90be8cf0f15782214caac3db8db6b98d9c6835df4a5e3ddfe5e5938623276ae5903945184a5048e974916b446eec65a55f455feadee91a457fc0ab5b

        • memory/2236-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-5-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-15-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2236-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB