Analysis

  • max time kernel
    141s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    20-01-2025 09:11

General

  • Target

    close.exe

  • Size

    20KB

  • MD5

    0f1b17ba018e39aab1f81e218a3d6548

  • SHA1

    de5d3f13cd470fc6603449c1039503b334c9f29f

  • SHA256

    cf29c66de9a3c109e0980f9b9f31da8e3c14c1b28533266297c8335f1ae10952

  • SHA512

    ab404267e83e627f241b429f75c850b36855d3042caef2c31974cc7020621f560856aeea7a4a861be3e3e3f9d12cdd35e503c5afa3bb80a7697e12382db8858e

  • SSDEEP

    384:q9JqUUPxydhhaLKOpnsDt7Fe1CoHw3RO6YH0kLNj/PAU8Hi/Y1:q9wUU5yLvOsBs1CJM99IU5g

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\close.exe
    "C:\Users\Admin\AppData\Local\Temp\close.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:3040

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3040-0-0x0000000000400000-0x0000000000410000-memory.dmp

    Filesize

    64KB