Analysis
-
max time kernel
94s -
max time network
130s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system -
submitted
02/08/2024, 19:01
Static task
static1
Behavioral task
behavioral1
Sample
1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36.exe
Resource
win10v2004-20240802-en
General
-
Target
1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36.exe
-
Size
679KB
-
MD5
00ec33cc0e0e4df1df00237e097335bd
-
SHA1
a7355ea325cab1f0fc46fc96b7c93ae655c63950
-
SHA256
1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36
-
SHA512
d28706d07d5a234cb79a3e8cfdeb64ececadcc77257a67524683623af2275f562a46a1a00775703a4672df65324f2e3ae832488ff173df294df8240b53badbc6
-
SSDEEP
12288:35Psoooooooooooooooooooooovffffffffffffffffffffffffffffffffffff5:35PKfffffffffffffffffffffffffffh
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
pid | Process
2068 | svrwsc.exe
-
Drops file in System32 directory 2 IoCs
description | ioc | Process
File created | C:\Windows\SysWOW64\svrwsc.exe | 1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36.exe
File created | C:\Windows\SysWOW64\svrwsc.exe | svrwsc.exe
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36.exe
"C:\Users\Admin\AppData\Local\Temp\1771fc43d19810a6bede6eb08d30d9c14eabc5509e2e40020e94a97e20979f36.exe"
- Drops file in System32 directory
- System Location Discovery: System Language Discovery
PID:632
-
C:\Windows\SysWOW64\svrwsc.exe
C:\Windows\SysWOW64\svrwsc.exe
- Executes dropped EXE
- Drops file in System32 directory
PID:2068
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
1.1MB
MD5
d87578516385019a31ae04e0647730a6
SHA1
5fe9f412c7189ceb4f599690e5cd02a73239fd6d
SHA256
39e3b86bcebc3bf541ce7540f472de3512490be103c13af69de917c0c857f0ba
SHA512
c4ce4c6f02999cb422f7a8fa5e4ac57574af32377adab89f3d5a2beb12daee111bf562ae29da798138dd3bf1f6d6d2d1915dd2db5492f86788c28d95ce62e7dc