0361ab1f5c99044a1cae094037a0289e1268f1ee30a8e74d9940eb62bf35b963

Analysis

max time kernel
118s
max time network
120s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
02-08-2024 09:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

81f345830fa61b5f5b348d1e3381dad0N.exe
Size

143KB
MD5

81f345830fa61b5f5b348d1e3381dad0
SHA1

164f4837e30e5689590133108431ea3d5fb1c954
SHA256

0361ab1f5c99044a1cae094037a0289e1268f1ee30a8e74d9940eb62bf35b963
SHA512

fa95a95edc1fd5328e0902b09bc6c531a3648bf31209ed110c00d69d410096856366db68c954d7a669f0a7584b69471dc2a6c13848dde20c284e2aefd6567dd1
SSDEEP

3072:6pWpvEWfeDK+iGLyj/gvGxvdyJw4JnQzyJ7y:PWWYK9GDld1y

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	81f345830fa61b5f5b348d1e3381dad0N.exe

C:\Users\Admin\AppData\Local\Temp\81f345830fa61b5f5b348d1e3381dad0N.exe
"C:\Users\Admin\AppData\Local\Temp\81f345830fa61b5f5b348d1e3381dad0N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2976

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads