Analysis
max time kernel: 119s
max time network: 124s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 15:47
Behavioral task
behavioral1
Sample
b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23N.exe
Resource
win7-20241010-en
General
Target: b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23N.exe
Size: 83KB
MD5: 8dc0d5c634a488d86bd004d6d72c9d70
SHA1: a32f0ad99516e561e2dce35a53322228102d3040
SHA256: b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23
SHA512: 4b7f0709de9c19c651436835671046ec557a2398c37339e8f09c71d6d59b6d68439b6bed9b09a4f14cb78ba9129f9dbad783fbdac252b3a11c431738de6ceecd
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+EK:LJ0TAz6Mte4A+aaZx8EnCGVuE
Malware Config
Signatures
resource / yara_rule:
behavioral1/memory/2128-0-0x0000000000400000-0x000000000042A000-memory.dmp / upx
behavioral1/memory/2128-1-0x0000000000400000-0x000000000042A000-memory.dmp / upx
behavioral1/memory/2128-5-0x0000000000400000-0x000000000042A000-memory.dmp / upx
behavioral1/files/0x000c00000001225c-11.dat / upx
behavioral1/memory/2128-12-0x0000000000400000-0x000000000042A000-memory.dmp / upx
behavioral1/memory/2128-22-0x0000000000400000-0x000000000042A000-memory.dmp / upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: b3d8411470d3965f2e48345c4f21b9b70e7f099f0373147903ac867d35122e23N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 7da7aafd26438dc24dfaf26b82452d69
SHA1: c7b360c07bd834134fa4e962a63bda84c139b419
SHA256: db80369c27bcfa4f33976bf0a2e9ec928ba6b4ee365970b3606f86d36fd47b25
SHA512: 5565056bc66d85831f099445a94e255d526924dd7717a3afa8ab47302dc94c148299ae05d874bcd394e4c835b1e51bdec078c63ef79b03b64f1e67e0d0df7f61