Analysis
max time kernel: 110s
max time network: 91s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 15:53
Behavioral task: behavioral1
Sample: ae48bdc31cfcf7ff37f823211cfe08eced82832beb87b2ebe019101755b72f0cN.exe
Resource: win7-20240903-en
General
Target: ae48bdc31cfcf7ff37f823211cfe08eced82832beb87b2ebe019101755b72f0cN.exe
Size: 83KB
MD5: 0664a4d61afcc0d9e74668ac5be9e260
SHA1: f34abec4f9ae3a074afbbbc33481ae4cdf4b968e
SHA256: ae48bdc31cfcf7ff37f823211cfe08eced82832beb87b2ebe019101755b72f0c
SHA512: d35bf79e7eaae1021ec6a07d1ab26fc92793a24671e3c8019b6379bacabd7f9af63db2a5588867db2caacc4170b4f381818b4b9f1abf7b803d957dcf43ba786b
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+YK:LJ0TAz6Mte4A+aaZx8EnCGVuY
Malware Config
Signatures
UPX packed file (yara rule "upx" matched)
resource: behavioral1/memory/3048-0-0x0000000000400000-0x000000000042A000-memory.dmp (upx)
resource: behavioral1/memory/3048-1-0x0000000000400000-0x000000000042A000-memory.dmp (upx)
resource: behavioral1/memory/3048-6-0x0000000000400000-0x000000000042A000-memory.dmp (upx)
resource: behavioral1/files/0x0005000000004ed7-11.dat (upx)
resource: behavioral1/memory/3048-14-0x0000000000400000-0x000000000042A000-memory.dmp (upx)
resource: behavioral1/memory/3048-22-0x0000000000400000-0x000000000042A000-memory.dmp (upx)
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process: ae48bdc31cfcf7ff37f823211cfe08eced82832beb87b2ebe019101755b72f0cN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 65f7f3d59ded0cd2edc4b2388e24ea87
SHA1: 8df620ad52fd5a8c7be9df66b820cd14667d7dc4
SHA256: 8ff39e1c98e740007ac3aeb8b0d477555de7234b814b6fda50594dd3684cb046
SHA512: 123f02ea1d10cab9b9beb6e54ea1f0523e6726c5440d3b5741a1f8984f94149e8903afe857dfb14dcc3aea44813f9dd8621bfe9c14daac92e0976b8c1a09de93