Overview

overview

10

Static

static

10

2380-7-0x0...ry.exe

windows7-x64

1

2380-7-0x0...ry.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    104s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/03/2025, 12:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2380-7-0x0000000000400000-0x000000000042F000-memory.exe

  • Size

    188KB

  • MD5

    3a00c15ed411cd475bfab4fb1edf2a4a

  • SHA1

    5a161b86a2844b429a4a68a74f5f03045d84908a

  • SHA256

    dfea583f79abd30e4a52da25818a436ce0fe70c5f0797e75eb8efb4df3b395ec

  • SHA512

    6d40e93c5719759074e11785bab34db3319bcae4533eb70a04fd51ef4d9d8a4fc4422c6d735975c643ce134b008487a318d6224a719656fff600a9a78849e8c5

  • SSDEEP

    3072:Q9E6Fei3oJl0zRAhjfN5f/Jj3rvZrF05KC+j2+Sl4:kNahjlVJj3rvZrF0g2+m4

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2380-7-0x0000000000400000-0x000000000042F000-memory.exe
    "C:\Users\Admin\AppData\Local\Temp\2380-7-0x0000000000400000-0x000000000042F000-memory.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:1640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1640-0-0x0000000000FA0000-0x00000000012EA000-memory.dmp

    Filesize

    3.3MB

    Download

  • memory/1640-1-0x0000000000FA0000-0x00000000012EA000-memory.dmp

    Filesize

    3.3MB

    Download