Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    10/11/2024, 08:48

General

  • Target

    d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe

  • Size

    83KB

  • MD5

    52a4f9a66fcd131f6e171385d9b82010

  • SHA1

    a111311c4af91104e78b264346548d16ed34ca18

  • SHA256

    d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95

  • SHA512

    4dcde024361c862a67a5b361faf922dca88709afad4dab67fc529dfe28aa4f51a7d9232841e12885b8e9a92ad030356ccdb7ab40c8f000f7618957487a7fec95

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+fK:LJ0TAz6Mte4A+aaZx8EnCGVuf

Score
5/10

Malware Config

Signatures

  • UPX packed file 6 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe
    "C:\Users\Admin\AppData\Local\Temp\d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1744

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-r7Uf5MRqS4jUUNVV.exe

    Filesize

    83KB

    MD5

    be82b9711743f4e885f35bc286488d10

    SHA1

    140a9de25ed3fdfff27bdb9040008cdb8ec1fcad

    SHA256

    65ed76160e2b77423326750cd311ea840cadba6a40c72ed3c2ae022067cfc1be

    SHA512

    6b67e4b366a9916b3efacd3f405db573e3049ee75f103dbd2218ca738e7fb7d3230bc21ebe1824638dc11dfb0324536badc347bf57038bdda395661c66f39092

  • memory/1744-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1744-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1744-7-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1744-14-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

  • memory/1744-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB