Analysis
-
max time kernel
12s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
24-07-2024 11:37
Behavioral task
behavioral1
Sample
bytes.exe
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
bytes.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
11 signatures
150 seconds
General
-
Target
bytes.exe
-
Size
7.8MB
-
MD5
3db70f7c982700300ba7ddd81f1210b4
-
SHA1
c4b1c824a917d998663aec47de548d75fac62761
-
SHA256
7fbc872542b61d592eff2aa402d9310dafdb01f550226588e2d95050bac434fc
-
SHA512
a85d79075294e3692ebb2f6fdacc0cf7684d0a594c1e68802b9a3cb495dacb07e0e7727ee1dcb6539a3711348679eca5a04a0b6a67daf1222b77638738d4bd4d
-
SSDEEP
196608:2oyqaFBPNBLt3/qbRAsul1LJ3ZMvbsGLqg6vI:wqiNBLBbLJ+12g6A
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language bytes.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 1684 bytes.exe