Analysis
-
max time kernel
111s -
max time network
99s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system -
submitted
09/11/2024, 18:11
Behavioral task
behavioral1
Sample
3b4e3f22b79636feb748526df8c586194ff32d4ae4f187cf85d3f976e716b9feN.exe
Resource
win7-20241010-en
General
-
Target
3b4e3f22b79636feb748526df8c586194ff32d4ae4f187cf85d3f976e716b9feN.exe
-
Size
83KB
-
MD5
e62b9dc770dca50f912606d8fdc02e30
-
SHA1
3c1284d273f483f91eac0398ecdd4f7322a9dead
-
SHA256
3b4e3f22b79636feb748526df8c586194ff32d4ae4f187cf85d3f976e716b9fe
-
SHA512
a7673573a011be786aee6cb02c533f9cbe758d93105af36c0a642ab2e5d6cfcd9c57d61e47e916b4a3d703533d197830078a410c5b9be9d83b2138d1e876081a
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+eK:LJ0TAz6Mte4A+aaZx8EnCGVue
Malware Config
Signatures
-
resource | yara_rule
behavioral1/memory/2380-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2380-1-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2380-5-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/files/0x0016000000005587-11.dat | upx
behavioral1/memory/2380-12-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral1/memory/2380-22-0x0000000000400000-0x000000000042A000-memory.dmp | upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 3b4e3f22b79636feb748526df8c586194ff32d4ae4f187cf85d3f976e716b9feN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
bc1fed60c97b1dbb6fb9c026cff5f20c
SHA1
f3cff1186d1611328e020cabc1a39729b69a1b76
SHA256
282b9ce451122609c82968f259653f15ed43aac06456383fc4fc4f18bbd50c45
SHA512
2c91fdb0a09f4165d17b8696e1669bc160f5bb54f6f688833cfd57b98c18256dfcc91ee1048c80a110add025047d3baeeab69358e7273055147ed4d2ba57e980