Analysis
-
max time kernel
110s -
max time network
94s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
09/11/2024, 13:49
Behavioral task
behavioral1
Sample
f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3dN.exe
Resource
win7-20240903-en
General
-
Target
f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3dN.exe
-
Size
83KB
-
MD5
d7664485e73f30aa2d07555611e1bdf0
-
SHA1
d7de881fb938339e7b08ee53b1b6a4d8c70e96f2
-
SHA256
f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3d
-
SHA512
01ef23894e9171703060a2f9565db29e070276c21ac33bb32703e33486ccc11d9ef45b456a1f6cdd7f4d97e3d68cddb6e07b5c774587ad856d506bf25ceb81e8
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+9K:LJ0TAz6Mte4A+aaZx8EnCGVu9
Malware Config
Signatures
-
resource | yara_rule
behavioral1/memory/2236-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2236-1-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2236-5-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/files/0x0004000000013d08-12.dat | upx
behavioral1/memory/2236-15-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2236-22-0x0000000000400000-0x000000000042A000-memory.dmp | upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | f76628fea544369e664c1e48ca6a41634cd69f9fb689abf78e83decf5e1ffe3dN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
358a922680a1bc33f30fb115ca6cef0f
SHA1
35c38bde2aee8e406ffd67cb6c99464ca96e8889
SHA256
1fbf808de2d337347e4b786f1933b2acb124d9b51d9b5864e8104c1e8c7096f5
SHA512
5037a07a90be8cf0f15782214caac3db8db6b98d9c6835df4a5e3ddfe5e5938623276ae5903945184a5048e974916b446eec65a55f455feadee91a457fc0ab5b