Analysis
max time kernel: 122s
max time network: 129s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 09/11/2024, 20:29

Static task: static1

Behavioral task: behavioral1
Sample: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe
Resource: win10v2004-20241007-en

General
Target: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe
Size: 7.9MB
MD5: a0e475dd1f1d8e16896f9870e6c2a67d
SHA1: dc34010b3e737acfa90ae72cdddb51f2ef41f337
SHA256: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0
SHA512: 87a81fc6662b8a5ddb590949bc9c8eb7021d90516dd6bf04900340534e0909d9bd925e6d2c63c3d2f1d0874b15d6973d2db96635b11e62543df55936a9aee246
SSDEEP: 98304:w4NxK/6sZTj2Ry2fPAWyjNTEY9xFUkcVwNSHfbv/kOIhThw6Q1f+hl/hjY4+iafv:w4m2INTx9Pe20/zkOiu1f+79YR
Malware Config

Signatures

Loads dropped DLL (2 IoCs)
pid: 2016, Process: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe
pid: 2016, Process: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 2016, Process: 698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe
Processes

C:\Users\Admin\AppData\Local\Temp\698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\698320bfc83fe8622cfef19e9ddab7ccda6408a2d99f1ad777f8ee2d2c9b84e0.exe"
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID: 2016
Network
MITRE ATT&CK Enterprise v15
Downloads