Overview
overview
10Static
static
830bc4934d7...f0.exe
windows7-x64
6338fdf3626...13.exe
windows7-x64
1342933cb4c...20.exe
windows7-x64
9343ace5874...03.exe
windows7-x64
834818CE171...49.dll
windows7-x64
8360390_crypt.exe
windows7-x64
4360390_tree.cmd
windows7-x64
73896f8a370...e_.exe
windows7-x64
73a061ee07d...8c.dll
windows7-x64
33af4fa2bff...d1.dll
windows7-x64
33bb691982d...21.exe
windows7-x64
93e3f980ab6...95.exe
windows7-x64
73e3f980ab6...26.exe
windows7-x64
73e75e8238a..._2.exe
windows7-x64
6400cad56ff...9a.exe
windows7-x64
940b3cb2a21...0c.exe
windows7-x64
9425c42d610...5F.exe
windows7-x64
7425c42d610...FF.exe
windows7-x64
742d77128db...e7.exe
windows7-x64
74561647.exe
windows7-x64
9457C9141EC...C8.exe
windows7-x64
1046a9660c57...83.exe
windows7-x64
346ca6b1972...FB.exe
windows7-x64
746ca6b1972...FC.exe
windows7-x64
74e60f3c8ea...5b.exe
windows7-x64
84f0b660543...B3.exe
windows7-x64
74f0b660543...BB.exe
windows7-x64
74f5bff6416...09.exe
windows7-x64
7Versamento...__.exe
windows7-x64
94fda5e7e8e...00.exe
windows7-x64
75 Rules for Snort.doc
windows7-x64
7502de64ee4...c2.exe
windows7-x64
9Analysis
-
max time kernel
1790s -
max time network
1443s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system -
submitted
22-11-2024 02:21
Behavioral task
behavioral1
Sample
30bc4934d7e29c8c4c4c9be0510fc7558fddf8db666a0343784c5cf1587b3af0.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
338fdf3626aa4a48a5972f291aacf3d6172dd920fe16ac4da4dd6c5b999d2f13.exe
Resource
win7-20240903-en
Behavioral task
behavioral3
Sample
342933cb4cbb31a2c30ac1733afc318a6e5cd0226160a59197686d635ec71b20.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
343ace5874a5854858e11e6c196007bffc045717ed29db9b03f23d01568e8303.exe
Resource
win7-20240903-en
Behavioral task
behavioral5
Sample
34818CE171EA150B91429AC1DD6FBE49.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
360390_crypt.exe
Resource
win7-20240903-en
Behavioral task
behavioral7
Sample
360390_tree.cmd
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
3896f8a37034429e9784d767765d85ef6dcde105320568516fac4e31400514db.exe_.exe
Resource
win7-20240903-en
Behavioral task
behavioral9
Sample
3a061ee07d87a6bb13e613e000e9f685cbffb96bd7024a9e7b4cb0be9a4af38c.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
3af4fa2bffaab37fd557ae8146ae0a29ba0faf6d99ad8a1a8d5bf598ac9a23d1.dll
Resource
win7-20241010-en
Behavioral task
behavioral11
Sample
3bb691982de416a7a4e57b91211e80bea82dcca7b4bdbf25c0c80451dc138421.exe
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
3e3f980ab668ccde6aafee60ce16e3c35cd91e9b59bff20ce1615d5fb362a458_Dumped_TDS=4FBA3695.exe
Resource
win7-20240903-en
Behavioral task
behavioral13
Sample
3e3f980ab668ccde6aafee60ce16e3c35cd91e9b59bff20ce1615d5fb362a458_TDS=4FBADA26.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
3e75e8238a6bbd8817164658696198af_72889f61171de37d6b4d59016c55ec52__2.exe
Resource
win7-20240903-en
Behavioral task
behavioral15
Sample
400cad56ff3d210346cf6c4795aeb607e5b211b3dc4a8421b9437621c254239a.exe
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
40b3cb2a210fafdaabdebefe1430862bd1192a80fcde84f51ceb387136d1410c.exe
Resource
win7-20240708-en
Behavioral task
behavioral17
Sample
425c42d6108db6b6b5cbda7a5417b5f55225c47ac588f5f0a293c2b07a78d14b_Dumped_TDS=4F8C315F.exe
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
425c42d6108db6b6b5cbda7a5417b5f55225c47ac588f5f0a293c2b07a78d14b_TDS=4F9906FF.exe
Resource
win7-20240903-en
Behavioral task
behavioral19
Sample
42d77128db6bea33966478f01aecda1cf6c17bf9ab5d5782650c1b32cd63bae7.exe
Resource
win7-20240729-en
Behavioral task
behavioral20
Sample
4561647.exe
Resource
win7-20241010-en
Behavioral task
behavioral21
Sample
457C9141ECDD9E9CFC61551FEA2BCB86AFF56CC8.exe
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
46a9660c57e244636a28df62e0879300a62552ab9b5cfd4708ff677af7453883.exe
Resource
win7-20240903-en
Behavioral task
behavioral23
Sample
46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c_Dumped_TDS=4FB252FB.exe
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c_TDS=4FB566FC.exe
Resource
win7-20240729-en
Behavioral task
behavioral25
Sample
4e60f3c8eaa0441d4ffdced18aa04153bb91b5470bc5441ba5878f7760ca9b5b.exe
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
4f0b6605434c1355b10950024eaa9f695822278f57c29275706c0e5b29b369b0_Dumped_TDS=4F9911B3.exe
Resource
win7-20240903-en
Behavioral task
behavioral27
Sample
4f0b6605434c1355b10950024eaa9f695822278f57c29275706c0e5b29b369b0_TDS=4FA6FBBB.exe
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
4f5bff64160044d9a769ab277ff85ba954e2a2e182c6da4d0672790cf1d48309.exe
Resource
win7-20240729-en
Behavioral task
behavioral29
Sample
Versamento.Pdf______________________________________________________________.exe
Resource
win7-20241010-en
Behavioral task
behavioral30
Sample
4fda5e7e8e682870e993f97ad26ba6b2.000.exe
Resource
win7-20240903-en
Behavioral task
behavioral31
Sample
5 Rules for Snort.doc
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
502de64ee4fe0133a1ea5efa4919c03bbca1adc2.exe
Resource
win7-20240903-en
General
-
Target
46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c_TDS=4FB566FC.exe
-
Size
56KB
-
MD5
a73ac649aebb5530a09b8fe03ec465e3
-
SHA1
d1f1e3faec50e7eddffba2889a69c8601eb8dc07
-
SHA256
46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c
-
SHA512
445f0a3c71362671b0d2722a73934ada8ee0e3c6e953bd3be28672f21dcc72593b7d2d4c86a61cc5f9f5bdf57d8df360cfdaa7d42c6fcae8ca8985b20d8d8190
-
SSDEEP
768:msLq/bYHR22nktR88rcBjjPkY5e2fD+x6LJ7hR5iSa:Tqzg2BtR8imvPkY5P+xcJ5iS
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Control Panel\International\Geo\Nation 46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c_TDS=4FB566FC.exe -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c_TDS=4FB566FC.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c_TDS=4FB566FC.exe"C:\Users\Admin\AppData\Local\Temp\46ca6b1972c81eab77202146184afe95b797bd4e3788c59e8036e748b55fc28c_TDS=4FB566FC.exe"1⤵
- Checks computer location settings
- System Location Discovery: System Language Discovery
PID:2684
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
52B
MD5721da39c6a6df0cd8cfc82647b5e3c18
SHA1f9ff38e9b602879301b1040006066846a1af2cc2
SHA25623b306291f9710ea1928237dfcb0c4984eca2998be616aa7b6e84932d43f1434
SHA512a6ba25a00b468e113a4e18374854abd3a47154c3b2cc95783759f770e4a70d649e0f71852b04d986d13022118a1f2f3e5ce50cf366d19b7eaf22f244e8a1afde