fecafdcb3e99fb65f06baf66230df338863d8549d871674a372a2a5a947d3ae6

Analysis

max time kernel
102s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
24/07/2024, 07:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6149645a25bbeb62fd434e7a8eb65020N.exe
Size

3.6MB
MD5

6149645a25bbeb62fd434e7a8eb65020
SHA1

8df089c0869aa34e63040fa59596827a096410dc
SHA256

fecafdcb3e99fb65f06baf66230df338863d8549d871674a372a2a5a947d3ae6
SHA512

4afc8789fa46935527f0d662186fae19f07af0f5358c8e5855f14feff73466100c1ca7d5d8bda659f81e529e8156d0b68e576dfae52c8ef03760429e734151d6
SSDEEP

49152:R3XTWs5BDNQ2iselXOfTITJR0nrtFPpXmfiSLI+VxBST+Y39ZYIL4XKIs:RLbSThOfTCiFBXmfFs+JhEp1

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	6149645a25bbeb62fd434e7a8eb65020N.exe

C:\Users\Admin\AppData\Local\Temp\6149645a25bbeb62fd434e7a8eb65020N.exe
"C:\Users\Admin\AppData\Local\Temp\6149645a25bbeb62fd434e7a8eb65020N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:5080

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads