Analysis
-
max time kernel
110s -
max time network
97s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system -
submitted
09/11/2024, 18:28
Behavioral task
behavioral1
Sample
b5612c168a110c6bd2e7ff2a734dfe315282810e43625b64800cda5d219243e2N.exe
Resource
win7-20240903-en
General
-
Target
b5612c168a110c6bd2e7ff2a734dfe315282810e43625b64800cda5d219243e2N.exe
-
Size
83KB
-
MD5
b775083afa9ee53c70f6d0333e4abe70
-
SHA1
97f84ccf9ae5fd0a0d0c998d880633a1a43953de
-
SHA256
b5612c168a110c6bd2e7ff2a734dfe315282810e43625b64800cda5d219243e2
-
SHA512
8d3c8f145a7f78e7a05262a4b11af9de4595132dab55e83dc46888b93dacfbf1480144fc1933d8e1023a22a19f9613b2e6c500856b066d995c69f90d6c3d9c82
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+9K:LJ0TAz6Mte4A+aaZx8EnCGVu9
Malware Config
Signatures
-
resource yara_rule
behavioral1/memory/1964-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/1964-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/1964-4-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/1964-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/files/0x00090000000120f9-12.dat upx
behavioral1/memory/1964-15-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/1964-22-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: b5612c168a110c6bd2e7ff2a734dfe315282810e43625b64800cda5d219243e2N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
cf627b765b2d5a1703062a44ae6c2926
SHA1
c416da4f35cea173be4e14bbd8f1a7dadd96ab8d
SHA256
71c02a19eb5ec38f8d6a5b9ecbe3f5dfa7c3873ef89002ce5a4b342d16cd4123
SHA512
592be8e9f326b5a0f03283b6bfc0edec57619765be610aca53edf5a9c25b29dda0bc463a4339c3c1889078d61c5ce0bb22ea942267a385be47df5c645d0d7c5d