Analysis

  • max time kernel
    111s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09/11/2024, 18:25

General

  • Target

    53c905eebeafe3777a7c5410ccbf9df64a3d20e013a70e5578ca1181fccb4e0bN.exe

  • Size

    83KB

  • MD5

    441bb2cb89652432b41565f2794f9e60

  • SHA1

    44e7c0ef26e88b47066c065723464355566ed86f

  • SHA256

    53c905eebeafe3777a7c5410ccbf9df64a3d20e013a70e5578ca1181fccb4e0b

  • SHA512

    45733d171c8e94c886e6c24c69a753a6dc3ad23d02cc9f503dfe76bb5bcc7ac586eeeb06d5160b5ef88f0306865fd1e92ebbf735fbd9aef6e20958298c690251

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+XK:LJ0TAz6Mte4A+aaZx8EnCGVuX

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\53c905eebeafe3777a7c5410ccbf9df64a3d20e013a70e5578ca1181fccb4e0bN.exe
    "C:\Users\Admin\AppData\Local\Temp\53c905eebeafe3777a7c5410ccbf9df64a3d20e013a70e5578ca1181fccb4e0bN.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:368

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-dZeeTweODtNMgi35.exe

    Filesize

    83KB

    MD5

    6b66335323b9f3ede9dba0bce04c98ce

    SHA1

    8fe2bb48fc425a0e55b49ba01c53f2caed763a59

    SHA256

    1449b94810eb5bee62889c52716e5088b986daa428f477a1447b50a93b93c56e

    SHA512

    aa54275687c893a76a973467b20071d0c906c0d512663fa15a09a92d25df8973b8268e7927f2fe15c1345ab696eee6cd0eb8ec1b85663f1540aea3abc76e9acb

  • memory/368-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/368-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/368-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/368-13-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/368-19-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB