Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    09/11/2024, 15:47

General

  • Target

    b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23N.exe

  • Size

    83KB

  • MD5

    8dc0d5c634a488d86bd004d6d72c9d70

  • SHA1

    a32f0ad99516e561e2dce35a53322228102d3040

  • SHA256

    b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23

  • SHA512

    4b7f0709de9c19c651436835671046ec557a2398c37339e8f09c71d6d59b6d68439b6bed9b09a4f14cb78ba9129f9dbad783fbdac252b3a11c431738de6ceecd

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+EK:LJ0TAz6Mte4A+aaZx8EnCGVuE

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23N.exe
    "C:\Users\Admin\AppData\Local\Temp\b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2128

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-gLkvYlIIrDNTr4w8.exe

    Filesize

    83KB

    MD5

    7da7aafd26438dc24dfaf26b82452d69

    SHA1

    c7b360c07bd834134fa4e962a63bda84c139b419

    SHA256

    db80369c27bcfa4f33976bf0a2e9ec928ba6b4ee365970b3606f86d36fd47b25

    SHA512

    5565056bc66d85831f099445a94e255d526924dd7717a3afa8ab47302dc94c148299ae05d874bcd394e4c835b1e51bdec078c63ef79b03b64f1e67e0d0df7f61

  • memory/2128-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2128-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2128-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2128-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2128-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB