Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
  • submitted
    10/11/2024, 06:48

General

  • Target

    1aaa4ebba5e4d8c5a2f4f54f2f8be9e2a10cfbb99cdb8267e9e8c733c168b412N.exe

  • Size

    83KB

  • MD5

    6529b3cf1178aa24bb56c4ca594597f0

  • SHA1

    d3b83b4b6a8c786fddf2ca89c6ff75234e1cf546

  • SHA256

    1aaa4ebba5e4d8c5a2f4f54f2f8be9e2a10cfbb99cdb8267e9e8c733c168b412

  • SHA512

    8b8e794d97ff59541c3b82ba24681573086669a6ee393b1301e8a69f492526f93cab43e375109116f776552635e65e23ea5181ee262529647ce3393908904526

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+EK:LJ0TAz6Mte4A+aaZx8EnCGVuE

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\1aaa4ebba5e4d8c5a2f4f54f2f8be9e2a10cfbb99cdb8267e9e8c733c168b412N.exe
    "C:\Users\Admin\AppData\Local\Temp\1aaa4ebba5e4d8c5a2f4f54f2f8be9e2a10cfbb99cdb8267e9e8c733c168b412N.exe"
    • System Location Discovery: System Language Discovery
    PID:2828

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-IQPeUeclFFKQ6MCT.exe

    Filesize

    83KB

    MD5

    52c423c5767d2fa08308ac4b27069f91

    SHA1

    d67ea2c38d75d7b4d6b86b5762fa9271cf91b85c

    SHA256

    f01989d9a56d141df57c5ebc335439e8f445e61887b50b4a07ef54f06038a2e7

    SHA512

    a253a8e68b8c358c6f0c173964fb7db6fb3033e9db4a6b3c62e6d47b09744e7da2e3101d70fca0045cf972958c105e6b86d4580586b37b49ddc8008e4a943e51

  • memory/2828-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2828-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2828-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2828-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2828-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB