Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    09/11/2024, 14:31

General

  • Target

    d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4N.exe

  • Size

    83KB

  • MD5

    179d130e41e99e985f7cecb588d07880

  • SHA1

    f57bfb61ac8c0f8382aed355204f402e6ead4a1a

  • SHA256

    d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4

  • SHA512

    cd0a849d50096b148a774cfb2d57d645f7f29db7ca801eafd61ecd90ff65d787b0bc5a9bd59c7002e728e02e00e3121044dea031e8129d288fdb3a4f1f9ffc60

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+IK:LJ0TAz6Mte4A+aaZx8EnCGVuI

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4N.exe
    "C:\Users\Admin\AppData\Local\Temp\d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2268

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\rifaien2-A2xYydRiDXcnENEl.exe

          Filesize

          83KB

          MD5

          d2e804d1195f9a5dcca18c6d53da548b

          SHA1

          dbd3810bf14a8a8422663ecdb114cf052b40f9c2

          SHA256

          fe3ef23cbca43c8aa9b82523a42d0376751174e0d2e98649ab20a928e07ca0c5

          SHA512

          b6f035f594c9ed4a519be45f772efd999ffb62237e4a548f0bd8900f7f5730b38dd7966a98d1304f17f54dd803522e422aabc3ade0349dad5cacbd7ba0ff6ba3

        • memory/2268-0-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2268-1-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2268-7-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2268-14-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB

        • memory/2268-22-0x0000000000400000-0x000000000042A000-memory.dmp

          Filesize

          168KB