Analysis
-
max time kernel
111s
-
max time network
94s
-
platform
windows10-2004_x64
-
resource
win10v2004-20241007-en
-
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
-
submitted
10-11-2024 01:20
Behavioral task
behavioral1
Sample
1e1e1e3c1f1ec0acd9a3c815e651ca6de2a90800af7dafacd16f361450705410N.exe
Resource
win7-20241010-en
General
-
Target
1e1e1e3c1f1ec0acd9a3c815e651ca6de2a90800af7dafacd16f361450705410N.exe
-
Size
83KB
-
MD5
eeb0145e680087433b7ff1f4d66da2e0
-
SHA1
dcbaf5063012c608decf5cf88afda893c542e2e8
-
SHA256
1e1e1e3c1f1ec0acd9a3c815e651ca6de2a90800af7dafacd16f361450705410
-
SHA512
fd87cfaf67d0367759c9d51b27becb9225c3fa6719271ca125754cce74d74682bbebfc7c48c7655f4234421006ff64330230b097c96ad69d6b49e4ff556a60d3
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+gK:LJ0TAz6Mte4A+aaZx8EnCGVug
Malware Config
Signatures
-
Processes:
resource yara_rule
behavioral2/memory/2580-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2580-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2580-4-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2580-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
C:\Users\Admin\AppData\Local\Temp\rifaien2-YBj4BzGjaEA3dICO.exe upx
behavioral2/memory/2580-12-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2580-20-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
1e1e1e3c1f1ec0acd9a3c815e651ca6de2a90800af7dafacd16f361450705410N.exe
description ioc process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 1e1e1e3c1f1ec0acd9a3c815e651ca6de2a90800af7dafacd16f361450705410N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
d802b7cadf90755cd7f6df224b05eb30
SHA1
0f0b2126bfefae061bbd317c923955cc8117b63b
SHA256
262f0d13cd392dbc7bc5e8fd05112cd0b2f3269d97d2cf863f506bd015be8eca
SHA512
a96b6f567be53c6a2705e47a43ca7100c3aea803ac439f7ecde1ea4e29465521d114fc9f60f5d4c9c7bdd998927d849404420b3de048eae2f809139be475a14d