Analysis

  • max time kernel
    111s
  • max time network
    96s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    09/11/2024, 18:24

General

  • Target

    22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8N.exe

  • Size

    83KB

  • MD5

    9130500b7b3cc96a4720fd48aaff8c90

  • SHA1

    bfa3d55472d520da6067f7993f863f225e46c63b

  • SHA256

    22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8

  • SHA512

    69cc733d20ecf4ccbb262cc56c96273f2a0ced99f5ee2c99f730d65c18e2ec6fe80d3a64b6e15d149420e1763861aab2cd4a68e22ccbf66924adc7edd96de1ab

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+2K:LJ0TAz6Mte4A+aaZx8EnCGVu2

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8N.exe
    "C:\Users\Admin\AppData\Local\Temp\22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2412

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-o6HmBdFMwgQQJoIe.exe

    Filesize

    83KB

    MD5

    a4da14f0668033442c64792c5524f366

    SHA1

    d222b718bfde61084fadd070c8ed25db90319032

    SHA256

    3f8f9890e7d7286b5b53e80b33d03522eceb48b07ab7341d49dcd729eb3bea39

    SHA512

    f8ea35f9562595802c7f66f79f9449ae34a1595e33a97f648ca82cb4e1a043b744952dabdbd475e9fdba5d57486ac828cf98ae5e9f48e2a60185b59641c55df0

  • memory/2412-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2412-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2412-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2412-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2412-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB