Overview

overview

10

Static

static

3

2.exe

windows7-x64

3

2.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18-11-2024 10:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2.exe

  • Size

    1.4MB

  • MD5

    15f3466706b848c20acb7c9963f11cc4

  • SHA1

    dc13fd1be8ca1546ed6abfc58c989ef7c06538dd

  • SHA256

    01cf391dc6033cf02baa0670da520775eb0726b576b7b82eac9efd7ddfa592df

  • SHA512

    3e53feadbfe1aae5c9d88b2d019b6717a3c15acdca146d39108dc29035a20ef5f1c7d41077d887b07444c880993b29eb8da1afbd11ddb70ebd0ccec50aeea906

  • SSDEEP

    12288:crXNByaXOIMJWLGyHNiwsgy0uocCTZ9LpmsgbQ4kcJcbZhB:c+a+8LGopsUrNaAh

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2.exe
    "C:\Users\Admin\AppData\Local\Temp\2.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of AdjustPrivilegeToken
    PID:2380

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2380-0-0x0000000074ADE000-0x0000000074ADF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2380-1-0x0000000000830000-0x00000000009A0000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/2380-2-0x0000000000260000-0x0000000000270000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2380-3-0x0000000074AD0000-0x00000000751BE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2380-4-0x0000000074ADE000-0x0000000074ADF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2380-5-0x0000000074AD0000-0x00000000751BE000-memory.dmp

    Filesize

    6.9MB

    Download