Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 14:31
Behavioral task: behavioral1
Sample: d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4N.exe
Resource: win7-20240903-en
General
Target: d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4N.exe
Size: 83KB
MD5: 179d130e41e99e985f7cecb588d07880
SHA1: f57bfb61ac8c0f8382aed355204f402e6ead4a1a
SHA256: d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4
SHA512: cd0a849d50096b148a774cfb2d57d645f7f29db7ca801eafd61ecd90ff65d787b0bc5a9bd59c7002e728e02e00e3121044dea031e8129d288fdb3a4f1f9ffc60
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+IK:LJ0TAz6Mte4A+aaZx8EnCGVuI
Malware Config
Signatures
resource | yara_rule
behavioral1/memory/2268-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2268-1-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2268-7-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/files/0x000f00000001228d-11.dat | upx
behavioral1/memory/2268-14-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2268-22-0x0000000000400000-0x000000000042A000-memory.dmp | upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | d28a035e2edc60a1eb00aebfa05d08c3c7d6d2a76a867927ccda5a82e483e9d4N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: d2e804d1195f9a5dcca18c6d53da548b
SHA1: dbd3810bf14a8a8422663ecdb114cf052b40f9c2
SHA256: fe3ef23cbca43c8aa9b82523a42d0376751174e0d2e98649ab20a928e07ca0c5
SHA512: b6f035f594c9ed4a519be45f772efd999ffb62237e4a548f0bd8900f7f5730b38dd7966a98d1304f17f54dd803522e422aabc3ade0349dad5cacbd7ba0ff6ba3