Analysis
-
max time kernel
110s
-
max time network
93s
-
platform
windows7_x64
-
resource
win7-20241010-en
-
resource tags
arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted
10/11/2024, 08:31
Behavioral task
behavioral1
Sample
232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847dN.exe
Resource
win7-20241010-en
General
-
Target
232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847dN.exe
-
Size
83KB
-
MD5
ff7e88bc982df4957ef3a83601a3dcd0
-
SHA1
fd1a8a074108989df6466d010b2bbd6c2f921244
-
SHA256
232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847d
-
SHA512
3eaeb6fb6459730ee35fc8664c1a31d0e9b6dc9cd22e46317b91fa5899365f295852241fba3725a6fe41d4b9f41eb51246fe11cd52e0e2a92819bfff73c68f8c
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+PK:LJ0TAz6Mte4A+aaZx8EnCGVuP
Malware Config
Signatures
-
resource yara_rule
behavioral1/memory/2484-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2484-2-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2484-6-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/files/0x0005000000004ed7-13.dat upx
behavioral1/memory/2484-16-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral1/memory/2484-23-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847dN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
-
MD5
c79f0f2d8e594fa2de9753374deb1211
-
SHA1
b9ecd56f91ca3e50152ad0571d34e394e99959f7
-
SHA256
f4b791839f1d455da3780ef101f672a942d5a1744189b6b77c260eea9338d9ba
-
SHA512
555839b9a7513b2eff9612791589c86131746da706b433e1bded3f1bcf7b18f8e45616de32f30e59fc98eadd7464b63619dcbb31d654b13a7cf9392be8dce0dd