Analysis

  • max time kernel
    110s
  • max time network
    93s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241023-en locale:en-us os:windows7-x64 system
  • submitted
    10-11-2024 01:23

General

  • Target

    69a7906bef51b6637337f892b70ce444acdf180cd341cadb1fa55b2491038b72N.exe

  • Size

    83KB

  • MD5

    6f98425185ce6c3f2d1de01b52b7fc90

  • SHA1

    9eae6c5d8e21bb1483bb3a501df4b836e29d9d08

  • SHA256

    69a7906bef51b6637337f892b70ce444acdf180cd341cadb1fa55b2491038b72

  • SHA512

    b9550b9cee1f0a10cd9e372106649cbc91bb4653e89a5a00297c73fbef2c8f2dc895f5616664d9563bbde25772f1f9349f3e61c1fdcba4bf8921f84016c4f059

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+SK:LJ0TAz6Mte4A+aaZx8EnCGVuS

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\69a7906bef51b6637337f892b70ce444acdf180cd341cadb1fa55b2491038b72N.exe
    "C:\Users\Admin\AppData\Local\Temp\69a7906bef51b6637337f892b70ce444acdf180cd341cadb1fa55b2491038b72N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1776

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-PSTc6PeKLhiVYmHR.exe

    Filesize

    83KB

    MD5

    6a8b11b3576882939e681b394cb52093

    SHA1

    345073ec10021dc473fcda467556dd57e1218798

    SHA256

    805024d3a9d89ae9a0d495f7784c7f5f9f6d763892f19c3fee57e759351980f8

    SHA512

    91163ed585e59480687e41a579c836907263ed0cf97c340b561f312f4a0dfd67959b3b29c9cf51fd022552b278eac06d17e53640eab2ebe7422ca2abe8b4bfcb

  • memory/1776-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1776-2-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1776-6-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1776-13-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1776-23-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB