Analysis
max time kernel: 119s
max time network: 123s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 13:35

Behavioral task: behavioral1
Sample: 622feca43f5b18f1709ded7dd26b287a6a0dbde0b5105bf3aa835e33f5e37447N.exe
Resource: win7-20241010-en

General
Target: 622feca43f5b18f1709ded7dd26b287a6a0dbde0b5105bf3aa835e33f5e37447N.exe
Size: 83KB
MD5: 39f510b36182444764d018ac4c679ff0
SHA1: 5871253c1050ebc746f4f2bdee487083ed682622
SHA256: 622feca43f5b18f1709ded7dd26b287a6a0dbde0b5105bf3aa835e33f5e37447
SHA512: f73817d0d44312368a311fa38dd4b7220a776241f26dd3c546d071c00a0137e48c322fd46af09378452c2697458b7f43c47fb43e7a4ba55a6fb0891a73156ddc
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+LK:LJ0TAz6Mte4A+aaZx8EnCGVuL
Malware Config

Signatures
resource -> yara_rule
behavioral1/memory/2064-0-0x0000000000400000-0x000000000042A000-memory.dmp -> upx
behavioral1/memory/2064-1-0x0000000000400000-0x000000000042A000-memory.dmp -> upx
behavioral1/memory/2064-5-0x0000000000400000-0x000000000042A000-memory.dmp -> upx
behavioral1/files/0x0016000000005587-11.dat -> upx
behavioral1/memory/2064-12-0x0000000000400000-0x000000000042A000-memory.dmp -> upx
behavioral1/memory/2064-22-0x0000000000400000-0x000000000042A000-memory.dmp -> upx

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description -> ioc -> Process
Key opened -> \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language -> 622feca43f5b18f1709ded7dd26b287a6a0dbde0b5105bf3aa835e33f5e37447N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 96e5dbfbed7406fd3c41b6a72c870e53
SHA1: e1fed92cd4e56d594f98fbc70a2d77a5dde5461b
SHA256: 42b68e7a73a915b281a24459cb156cbcbeb3b5cc13b74ea73b3d864dd2f6de9f
SHA512: b49be29e5ab2fe23ee29b2eb4cd7156671f2ecb5fe912379f2268c2b1cc8557c99617241c17fcd7f9be03dd59b570b601104850c463040af14ca7e11c507f7b4