Analysis

  • max time kernel
    110s
  • max time network
    92s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags
    arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/11/2024, 13:51

General

  • Target

    cd9a21de308fa544ef420c31c9cb006ddb6f501c6e8f0745b3f861e3402ff83bN.exe

  • Size

    83KB

  • MD5

    632761f723bcd825ccc05ffabf328120

  • SHA1

    0091632a9c3a1b45f520101f9a6616a01cb501e1

  • SHA256

    cd9a21de308fa544ef420c31c9cb006ddb6f501c6e8f0745b3f861e3402ff83b

  • SHA512

    4100054d0b38cf18e445e32c107832c17c529066faaf1158401d9c28f81edc1170e03405765ab392cfdab9623538e3b895b325fd2541f06ec8d85c2799427e47

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+nK:LJ0TAz6Mte4A+aaZx8EnCGVun

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\cd9a21de308fa544ef420c31c9cb006ddb6f501c6e8f0745b3f861e3402ff83bN.exe
    "C:\Users\Admin\AppData\Local\Temp\cd9a21de308fa544ef420c31c9cb006ddb6f501c6e8f0745b3f861e3402ff83bN.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:692

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-EkH6qeKtQ8LJnXsM.exe

          Filesize

          83KB

          MD5

          e40220035eca5a14d18f036062a8d7b3

          SHA1

          5dccffb08edeaa926e865c9c1486b1580f717615

          SHA256

          3f8a50008ef938ff8ee314c06e414b7fb49550f10cfc22178a44a766cf45ec71

          SHA512

          00c150da8ba6f4867d52b1e73f8ea41ceaa4639336ba632dbb673f8e67a3d7d693b0f7c16f36e22bb0558c2b1bd9a2ed9366e4b10af0461fedb4a14e98d1f15a

        • memory/692-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/692-2-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/692-6-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/692-13-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/692-23-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB