Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
15-01-2025 01:21
General
-
Target
SHIPPING DOCUMENTS#JAN25.exe
-
Size
1.4MB
-
MD5
7aa4201258e61a128b633b887c1f9a5e
-
SHA1
a550b9095dda1247af6071285428c5e870b60f0e
-
SHA256
8f979f812f0eba57cae2be575a30bf0622265a594c59ccae90f651fb4ebe25a6
-
SHA512
192c19c597b372a0ca5f01d9d5dfe8ae14bbc59ac6f41185246e4c2a8a44f04954a270727d619dc7d95d3439ee4fa1bcc49aa1b35765683870fd94d7100f8616
-
SSDEEP
24576:CqDEvCTbMWu7rQYlBQcBiT6rprG8aol3MIcAa2ERu8JpcnbJr:CTvC/MTQYxsWR7aoLZDMCJ
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 1 IoCs
Adversaries may check for Internet connectivity on compromised systems.
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Suspicious use of SendNotifyMessage 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\SHIPPING DOCUMENTS#JAN25.exe"C:\Users\Admin\AppData\Local\Temp\SHIPPING DOCUMENTS#JAN25.exe"1⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4.0MB