Analysis

  • max time kernel
    110s
  • max time network
    92s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    10/11/2024, 08:34

General

  • Target

    1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767N.exe

  • Size

    83KB

  • MD5

    0763061c9fdd90a535ed0f36b80c91c0

  • SHA1

    111f17947a19b8a98ab8f62631791bebf77c073e

  • SHA256

    1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767

  • SHA512

    f7d30f2b873edf04adfbefa67060d000ce4ffc829f8ce2339d739e8206fb4be3b9a71fbee0ee29043903dec44e64fb1f586360810c0ef454333f01ccb4bcf817

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+/K:LJ0TAz6Mte4A+aaZx8EnCGVu/

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767N.exe
    "C:\Users\Admin\AppData\Local\Temp\1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2584

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-PytGhoNJqy90VjUE.exe

    Filesize

    83KB

    MD5

    78e963d659c60aee410632076c9e606e

    SHA1

    29822b12f23b7b452b6f3968af72e16e1314cedb

    SHA256

    23da9bc0dddb95ea834b30098628dd5d54e5864f5754e4c23e3f1e16a1b0b9d6

    SHA512

    3a2e1722834f62cb3b7b66aa8972038a4ea74f489d326a7b08c601db0ac24b9b4d05e23fae6f88178609c557b3b6afa4ced13ac85571274b878296cfdc064b73

  • memory/2584-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2584-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2584-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2584-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2584-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB