Analysis

max time kernel: 111s
max time network: 96s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 18:24
Behavioral task: behavioral1
Sample: 22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8N.exe
Resource: win7-20241010-en
General

Target: 22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8N.exe
Size: 83KB
MD5: 9130500b7b3cc96a4720fd48aaff8c90
SHA1: bfa3d55472d520da6067f7993f863f225e46c63b
SHA256: 22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8
SHA512: 69cc733d20ecf4ccbb262cc56c96273f2a0ced99f5ee2c99f730d65c18e2ec6fe80d3a64b6e15d149420e1763861aab2cd4a68e22ccbf66924adc7edd96de1ab
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+2K:LJ0TAz6Mte4A+aaZx8EnCGVu2
Malware Config
Signatures
resource | yara_rule
behavioral1/memory/2412-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2412-1-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2412-5-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/files/0x000a000000016cd8-11.dat | upx
behavioral1/memory/2412-12-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2412-22-0x0000000000400000-0x000000000042A000-memory.dmp | upx
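The upx matches above come from the sandbox's own YARA rule firing on memory dumps of the running process (0x400000-0x42A000) and on a dropped file. For triaging a sample on disk before detonation, a quick independent check is to walk the PE section table and look for the section names UPX writes by default (UPX0/UPX1) plus the "UPX!" header magic. The following is an added example, not the sandbox's rule or code; the section-name list, the `build_sample_pe` helper and its constructed PE skeleton are assumptions made here for a self-contained run.

```python
import struct

# Section names UPX writes by default; a repacked or renamed binary will not show these.
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2"}
UPX_MAGIC = b"UPX!"  # header magic the UPX stub embeds in the packed file


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table; return section names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    n_sections = struct.unpack_from("<H", data, coff + 2)[0]   # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]    # COFF SizeOfOptionalHeader
    table = coff + 20 + opt_size                               # section table follows the optional header
    names = []
    for i in range(n_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        names.append(data[off:off + 8].rstrip(b"\x00"))
    return names


def upx_indicators(data: bytes) -> dict:
    """Return both signals separately so an analyst can see which one fired."""
    names = pe_section_names(data)
    return {
        "upx_sections": sorted(n.decode("ascii", "replace") for n in names if n in UPX_SECTION_NAMES),
        "upx_magic": UPX_MAGIC in data,
    }


def looks_upx_packed(data: bytes) -> bool:
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_magic"]


def build_sample_pe(section_names, trailer=b"") -> bytes:
    """Constructed, non-executable PE32 skeleton used only as test input (not the report's sample)."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    opt_size = 0xE0  # size of a PE32 optional header
    # Machine=i386, NumberOfSections, TimeDateStamp, PointerToSymbolTable, NumberOfSymbols,
    # SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    opt = struct.pack("<H", 0x10B) + b"\x00" * (opt_size - 2)  # PE32 magic, rest zeroed
    table = b""
    for i, name in enumerate(section_names):
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\x00"),
                             0x1000, 0x1000 * (i + 1), 0x200, 0x400 * (i + 1),
                             0, 0, 0, 0, 0xE0000020)
    return dos + b"PE\x00\x00" + coff + opt + table + trailer


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as f:
        print(upx_indicators(f.read()))
```

Section names and the "UPX!" magic are trivially renamed or patched out, so a negative result here proves nothing; the in-memory match recorded by the sandbox is the stronger signal, and this check is only for fast sorting before detonation.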
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 22f418b63038a2a1c234d12bdb6e54a003ffd37c489df55a15daf49e48b1caa8N.exe
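The indicator behind this signature is a single registry open of the NLS\Language key. To reproduce the same triage logic over raw registry events from a sandbox or EDR export, the following added example (not the sandbox's own detection code) parses constructed sample log lines, normalises ControlSet001/CurrentControlSet, matches the language and locale keys, and tags hits with the ATT&CK sub-technique for System Language Discovery (T1614.001). The log line format and the key list are assumptions made here.

```python
import re

# Constructed sample of sandbox-style registry events; not taken from the report.
SAMPLE_EVENTS = [
    "pid=2412 proc=sample.exe op=RegOpenKey key=\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language",
    "pid=2412 proc=sample.exe op=RegQueryValue key=\\REGISTRY\\MACHINE\\SYSTEM\\ControlSet001\\Control\\NLS\\Language value=InstallLanguage",
    "pid=2412 proc=sample.exe op=RegOpenKey key=\\REGISTRY\\USER\\S-1-5-21-1\\Control Panel\\International",
    "pid=1100 proc=explorer.exe op=RegOpenKey key=\\REGISTRY\\MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
]

# Keys commonly read to learn the install/UI language or locale (assumed list for this example).
LANG_KEY_PATTERNS = [
    (re.compile(r"\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})\\Control\\NLS\\Language$", re.I), "HKLM NLS\\Language"),
    (re.compile(r"\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})\\Control\\NLS\\Locale$", re.I), "HKLM NLS\\Locale"),
    (re.compile(r"\\Control Panel\\International$", re.I), "HKCU International"),
]

# key= may contain spaces, so it is matched lazily up to an optional value= field.
EVENT_RE = re.compile(
    r"pid=(?P<pid>\d+) proc=(?P<proc>\S+) op=(?P<op>\S+) key=(?P<key>.+?)(?: value=(?P<value>\S+))?$"
)


def parse_event(line: str):
    """Return the event fields as a dict, or None for lines that do not fit the format."""
    m = EVENT_RE.match(line)
    return m.groupdict() if m else None


def find_language_discovery(lines):
    """Yield one hit per event whose key is a known language/locale lookup."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        if not ev:
            continue
        for pattern, label in LANG_KEY_PATTERNS:
            if pattern.search(ev["key"]):
                hits.append({
                    "pid": int(ev["pid"]),
                    "proc": ev["proc"],
                    "op": ev["op"],
                    "key": ev["key"],
                    "indicator": label,
                    "technique": "T1614.001",
                })
                break
    return hits


def summarize(hits):
    """Collapse hits per process so one chatty process yields one finding with its distinct keys."""
    by_proc = {}
    for h in hits:
        by_proc.setdefault((h["pid"], h["proc"]), set()).add(h["key"])
    return {proc: sorted(keys) for proc, keys in by_proc.items()}


if __name__ == "__main__":
    for proc, keys in summarize(find_language_discovery(SAMPLE_EVENTS)).items():
        print(proc, "T1614.001", keys)
```

Reading NLS\Language is also normal start-up behaviour for many benign programs (locale initialisation), which is why the report scores it as a single low-weight TTP; treat a hit as context for the stronger indicators on the page, not as a verdict on its own.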
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: a4da14f0668033442c64792c5524f366
SHA1: d222b718bfde61084fadd070c8ed25db90319032
SHA256: 3f8f9890e7d7286b5b53e80b33d03522eceb48b07ab7341d49dcd729eb3bea39
SHA512: f8ea35f9562595802c7f66f79f9449ae34a1595e33a97f648ca82cb4e1a043b744952dabdbd475e9fdba5d57486ac828cf98ae5e9f48e2a60185b59641c55df0