Analysis

  • max time kernel
    111s
  • max time network
    97s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    09/11/2024, 18:30

General

  • Target

    2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136aeN.exe

  • Size

    83KB

  • MD5

    0e529a6e6a30231f605cbea134f13110

  • SHA1

    edd6d9cacbb7afcc0ceaf94e297644b2569d886c

  • SHA256

    2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136ae

  • SHA512

    99e4be162ea543d6357dfb3add9b62119e186bc6a551fa8abfe47fad2d76121a75a353fbb7feedba35f94c3713af42ba87345be7d34a670d5c22ca9d5dcb1f46

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+pK:LJ0TAz6Mte4A+aaZx8EnCGVup

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136aeN.exe
    "C:\Users\Admin\AppData\Local\Temp\2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136aeN.exe"
    • System Location Discovery: System Language Discovery
    PID:2348

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-sdLMKvjdSmq2v2MJ.exe

    Filesize

    83KB

    MD5

    28e08cc7eb17e29546d07beb3db14249

    SHA1

    55be79b8de867702c180ce4df8f0c70c401cc149

    SHA256

    4f2a4342251261edd050ed58f871acf6e77d2231ff618cd415b2aa1af27c2b67

    SHA512

    7aa73dd62ccac7b775b1e9bfdb9dc694b9c2270cdd60cd11db49909a4e6160867f920aa45fd762627eaaa8adc23bcd1027de49943da2775c83151d07771ba5f2

  • memory/2348-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2348-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2348-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2348-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2348-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB