Analysis
-
max time kernel
123s -
max time network
132s -
platform
windows10-2004_x64 -
resource
win10v2004-20240730-en -
resource tags
-
submitted
01-08-2024 20:55
General
-
Target
20fe0cfcc4781b58e2f7a90755b8045bf42237d32a9b70a0be9b5bb4827ad952.exe
-
Size
3.1MB
-
MD5
53e2cae273d72c87de1359b7d813fca0
-
SHA1
f0a7f2cb0d05a3459488bdeab583a4a2944c8a4f
-
SHA256
20fe0cfcc4781b58e2f7a90755b8045bf42237d32a9b70a0be9b5bb4827ad952
-
SHA512
62e1d8729ddbae8636306ae8eeb0ee5193bb7c64273d41e68f0b866c5d28c0864bdf49e898acc594355882cd656c66a62bc88d76f220c6d8b1c143658ab79c3f
-
SSDEEP
98304:G2cPK8SzPp4NE88c2TnCIII9rWecF7AbGCHQ6T:pCKVEE88c2rIKWe9wE
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of FindShellTrayWindow 12 IoCs
-
Suspicious use of SendNotifyMessage 12 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\20fe0cfcc4781b58e2f7a90755b8045bf42237d32a9b70a0be9b5bb4827ad952.exe"C:\Users\Admin\AppData\Local\Temp\20fe0cfcc4781b58e2f7a90755b8045bf42237d32a9b70a0be9b5bb4827ad952.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage