1fa6d14575535dcfa90656e9c9582ffbf3ad4dd8dccc3052f6ce3476401c4a0a

Analysis

max time kernel
14s
max time network
19s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
27/07/2024, 19:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1fa6d14575535dcfa90656e9c9582ffbf3ad4dd8dccc3052f6ce3476401c4a0a.exe
Size

136KB
MD5

50211e1a33ad9adfc98bee29b1efa817
SHA1

807e011948e54d50f71e90054232a2a0531d6dc7
SHA256

1fa6d14575535dcfa90656e9c9582ffbf3ad4dd8dccc3052f6ce3476401c4a0a
SHA512

24ebcc1dc5ea2223fe1336f403502c76597a823537862f1a623ce487306accbd39d4bd54fdfbf0b61de6fdb8c08ecfb6147181eedc414ae007557e5f71fa7db5
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyB3:PqFF2Ie+efMRP

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	1fa6d14575535dcfa90656e9c9582ffbf3ad4dd8dccc3052f6ce3476401c4a0a.exe

C:\Users\Admin\AppData\Local\Temp\1fa6d14575535dcfa90656e9c9582ffbf3ad4dd8dccc3052f6ce3476401c4a0a.exe
"C:\Users\Admin\AppData\Local\Temp\1fa6d14575535dcfa90656e9c9582ffbf3ad4dd8dccc3052f6ce3476401c4a0a.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2328

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads