Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    10/11/2024, 08:34

General

  • Target

    8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1eN.exe

  • Size

    83KB

  • MD5

    38e2412de54ec43b29d5ebe06a2f5b10

  • SHA1

    c620eb1a2b41fc971d549db7c66aff0105f9c4ad

  • SHA256

    8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1e

  • SHA512

    e66b1dd214ad385a527d262b82b681492bd3b9bd043e052aa014e2697ccead3fcae83590edd3c92529651c555b79b22ed3574f12cd1e9b089c60ae14282d43ce

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+DK:LJ0TAz6Mte4A+aaZx8EnCGVuD

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1eN.exe
    "C:\Users\Admin\AppData\Local\Temp\8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1eN.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2784

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-uAcpmeJaUOWadrYW.exe

    Filesize

    83KB

    MD5

    7722a28c6e7ff79fd63ddcbde679eb76

    SHA1

    a0b594f35724e5c36116c1feafac6fedf20b4cfa

    SHA256

    a34b96ad734575b59be46c8396eb80c202f171c681fe584f9db1fa5003a8c920

    SHA512

    98e295eebe19986c00f3045d02612408f21492f5293494b2d0db458a2967dcebb0f17e8da3444036feb2976ad1f9260b8ac08f93e1ebbb2c466ee77d76dd77bf

  • memory/2784-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2784-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2784-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2784-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/2784-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB