Analysis

max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 10/11/2024, 08:34
Behavioral task: behavioral1
Sample: 8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1eN.exe
Resource: win7-20240903-en
General

Target: 8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1eN.exe
Size: 83KB
MD5: 38e2412de54ec43b29d5ebe06a2f5b10
SHA1: c620eb1a2b41fc971d549db7c66aff0105f9c4ad
SHA256: 8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1e
SHA512: e66b1dd214ad385a527d262b82b681492bd3b9bd043e052aa014e2697ccead3fcae83590edd3c92529651c555b79b22ed3574f12cd1e9b089c60ae14282d43ce
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+DK:LJ0TAz6Mte4A+aaZx8EnCGVuD
Malware Config
Signatures
resource yara_rule (rule: upx)
  behavioral1/memory/2784-0-0x0000000000400000-0x000000000042A000-memory.dmp  upx
  behavioral1/memory/2784-1-0x0000000000400000-0x000000000042A000-memory.dmp  upx
  behavioral1/memory/2784-5-0x0000000000400000-0x000000000042A000-memory.dmp  upx
  behavioral1/files/0x0005000000004ed7-11.dat  upx
  behavioral1/memory/2784-12-0x0000000000400000-0x000000000042A000-memory.dmp  upx
  behavioral1/memory/2784-22-0x0000000000400000-0x000000000042A000-memory.dmp  upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  Process: 8893c09953272f3fb4f814151d81502a51f2448cc96de15d9e88161c86d2cd1eN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads

Filesize: 83KB
MD5: 7722a28c6e7ff79fd63ddcbde679eb76
SHA1: a0b594f35724e5c36116c1feafac6fedf20b4cfa
SHA256: a34b96ad734575b59be46c8396eb80c202f171c681fe584f9db1fa5003a8c920
SHA512: 98e295eebe19986c00f3045d02612408f21492f5293494b2d0db458a2967dcebb0f17e8da3444036feb2976ad1f9260b8ac08f93e1ebbb2c466ee77d76dd77bf