Analysis
-
max time kernel
148s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
04-08-2024 21:14
Static task
static1
Behavioral task
behavioral1
Sample
TMACv6.0.7_Setup.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
TMACv6.0.7_Setup.exe
Resource
win10v2004-20240802-en
General
-
Target
TMACv6.0.7_Setup.exe
-
Size
5.1MB
-
MD5
a7c8cf1d50ebe630a7d0c47686a0abbf
-
SHA1
3229e8080975f4f5512d2382552f68c0389acff5
-
SHA256
a453b3ea8d8133531fad26b18701c694c324cc201e3069d07e99f0e100908c1a
-
SHA512
42340b7435605049e3f817feac1ac238177772b2b1ebf05eb9311bb58ee3dd1cab39913240a4c39e3407374009310770d8221c31914549524ecd92beab93b787
-
SSDEEP
98304:ARU3j4wtopcj2dqCYV1coZ4hv3tmF1b6CrjfW/sfH6s7zQcKDsVv/JLSF66b/:ARqt/CdqRc64hv3tmF1b6CffW/sfH6sm
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
TMACv6.0.7_Setup.exedescription ioc process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language TMACv6.0.7_Setup.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
TMACv6.0.7_Setup.exepid process 900 TMACv6.0.7_Setup.exe 900 TMACv6.0.7_Setup.exe