b50bbb4b93fd8ef7a2876b3743dfda6945e9011f406e71b41897244b0b836467

Submit
Reports

Overview

overview

Static

static

2024-08-08.zip

windows10-1703-x64

0163684970...64.exe

windows10-1703-x64

0581756a65...1b.exe

windows10-1703-x64

06fcfd75f4...40.exe

windows10-1703-x64

083b02e212...c7.exe

windows10-1703-x64

087a3b8725...c9.jar

windows10-1703-x64

08c7fb6067...a2.exe

windows10-1703-x64

0e85d0a9fc...50.exe

windows10-1703-x64

0f1b66752d...9d.exe

windows10-1703-x64

0f2abe41f4...70.exe

windows10-1703-x64

0f8a6d8705...e5.exe

windows10-1703-x64

1026da21d9...42.exe

windows10-1703-x64

109927ded1...91.exe

windows10-1703-x64

15c71b616f...79.exe

windows10-1703-x64

17b5394a5c...70.exe

windows10-1703-x64

1873c4b2bd...d4.exe

windows10-1703-x64

19efe1624f...3c.exe

windows10-1703-x64

1de0ce90e5...f7.vbe

windows10-1703-x64

1e6ad08c5e...5f.exe

windows10-1703-x64

1f7cedbe04...4c.exe

windows10-1703-x64

22586df437...62.exe

windows10-1703-x64

29f90a4f62...e6.xls

windows10-1703-x64

2b34ad054e...da.exe

windows10-1703-x64

2bb032333f...2c.exe

windows10-1703-x64

2bda6048a8...dc.exe

windows10-1703-x64

2c7da6690b...6a.exe

windows10-1703-x64

2caf283566...2e.exe

windows10-1703-x64

300d87987d...45.exe

windows10-1703-x64

353a75d0ad...a5.exe

windows10-1703-x64

391ac1ceed...57.exe

windows10-1703-x64

d4cb60a0e9...01.hta

windows10-1703-x64

e0fa6d69b2...1e.msi

windows10-1703-x64

Analysis

max time kernel
124s
max time network
137s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
10-08-2024 17:49

Sharing

Copy URL

Twitter E-mail

Static task

static1

17 signatures

Behavioral task

behavioral1

Sample

2024-08-08.zip

Resource

win10-20240404-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

01636849700a046589f6e2b58ca6b02ec108fd20534973f83737f1749af16e64.exe

Resource

win10-20240404-en

discovery execution

windows10-1703-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

0581756a656ace2e7d164b1f66846e9d079755bd7a5cead72e73b53ab534531b.exe

Resource

win10-20240404-en

discovery

windows10-1703-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

06fcfd75f456e542f161dc3e74b1c7ccc52e6cded909f5f06e00c847e5bedf40.exe

Resource

win10-20240404-en

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

083b02e21246fa17ee9ac50eab39033abd920274259ad848df9eb412d4350ec7.exe

Resource

win10-20240404-en

discovery

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

087a3b87252a021f6f3696f496d4fd890f28fc31735d8f850aa1184ed7bf59c9.jar

Resource

win10-20240404-en

discovery

windows10-1703-x64

8 signatures

150 seconds

Behavioral task

behavioral7

Sample

08c7fb6067acc8ac207d28ab616c9ea5bc0d394956455d6a3eecb73f8010f7a2.exe

Resource

win10-20240404-en

discovery

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

0e85d0a9fcf30f823c43e697f99cf61743ef1d29228e160f19005e343f2a5b50.exe

Resource

win10-20240404-en

persistence

windows10-1703-x64

5 signatures

150 seconds

Behavioral task

behavioral9

Sample

0f1b66752dea36f9ad237a452b4bfb2950ab3ce90fcd920c6708f69ee8ce8c9d.exe

Resource

win10-20240404-en

discovery

windows10-1703-x64

6 signatures

150 seconds

Behavioral task

behavioral10

Sample

0f2abe41f47c8287b81f6f5be7983b8486b298d7121bbc8435ccd334a5f7ce70.exe

Resource

win10-20240611-en

agenttesla credential_access discovery keylogger spyware stealer trojan

windows10-1703-x64

11 signatures

150 seconds

Behavioral task

behavioral11

Sample

0f8a6d8705eba15b8958bd7984d9c46f1f5510790249b3fa330740a626ef45e5.exe

Resource

win10-20240404-en

agenttesla credential_access discovery keylogger spyware stealer trojan

windows10-1703-x64

11 signatures

150 seconds

Behavioral task

behavioral12

Sample

1026da21d95ab9bc3a5dff5163d8029ea6ca3413e586272074105e4727ab1342.exe

Resource

win10-20240404-en

dcrat credential_access discovery evasion infostealer rat spyware stealer trojan

windows10-1703-x64

24 signatures

150 seconds

Behavioral task

behavioral13

Sample

109927ded1c6f8ce79192bc804efab8f52e6924d16476236eef82a1631349d91.exe

Resource

win10-20240404-en

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral14

Sample

15c71b616f8ff314907e2e9f15601adc81529f6129acd67751bf7d16b4d52479.exe

Resource

win10-20240404-en

lumma discovery stealer

windows10-1703-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

17b5394a5cea17aa14672179b10eb87f650675bbabb6bbf12e5cb62916c62770.exe

Resource

win10-20240404-en

discovery evasion execution trojan

windows10-1703-x64

11 signatures

150 seconds

Behavioral task

behavioral16

Sample

1873c4b2bde16da1d2e923d66d20eea2536bc824e5134b60f3df4b770edf72d4.exe

Resource

win10-20240404-en

agenttesla credential_access discovery keylogger spyware stealer trojan

windows10-1703-x64

11 signatures

150 seconds

Behavioral task

behavioral17

Sample

19efe1624f526c084e096431a4b1e5bf63c299351751fa0bf466106a99196d3c.exe

Resource

win10-20240611-en

dcrat infostealer rat

windows10-1703-x64

13 signatures

150 seconds

Behavioral task

behavioral18

Sample

1de0ce90e503e10f763f00b591d48973bb213d3979c517097b252881630257f7.vbe

Resource

win10-20240404-en

windows10-1703-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

1e6ad08c5ed9b4fdbef86181e8cd01170fe9ec5615d9a37f90e7ea43bcad175f.exe

Resource

win10-20240404-en

stealc cr1 discovery stealer

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral20

Sample

1f7cedbe04af43e29efdfecce0580ab826b577bd0d7c9f6db3d1c58a8eeffb4c.exe

Resource

win10-20240404-en

discovery evasion execution persistence trojan

windows10-1703-x64

12 signatures

150 seconds

Behavioral task

behavioral21

Sample

22586df4379d432c8e5d2d852bbecf70558da09f77ec0f7ac46d28e4928a7462.exe

Resource

win10-20240404-en

stealc cr2 discovery stealer

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

29f90a4f6266e43e668b41187ef4e8c2acdfccab8a8c898e64349a5432081ce6.xls

Resource

win10-20240404-en

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral23

Sample

2b34ad054e9dde8cbc0abfbe1379a7f0343cb32d92f3411ec2c2ff02ae5673da.exe

Resource

win10-20240611-en

collection credential_access discovery stealer

windows10-1703-x64

14 signatures

150 seconds

Behavioral task

behavioral24

Sample

2bb032333f6f2199f35a512aa920a651975ea1b4c3aa7fac0ad69efa2539f42c.exe

Resource

win10-20240404-en

discovery

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral25

Sample

2bda6048a888003443cd18df65f75441974ea3dfa04d524c957b0d7c268654dc.exe

Resource

win10-20240404-en

discovery

windows10-1703-x64

8 signatures

150 seconds

Behavioral task

behavioral26

Sample

2c7da6690be26bd6b5ceea90b233fdd26589d7a72b2a62468903aba887e7ad6a.exe

Resource

win10-20240404-en

discovery

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral27

Sample

2caf283566656a13bf71f8ceac3c81f58a049c92a788368323b1ba25d872372e.exe

Resource

win10-20240404-en

lumma discovery stealer

windows10-1703-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

300d87987d360bd4abc2927a791031f41450cdf547c830902107daceba263a45.exe

Resource

win10-20240611-en

discovery

windows10-1703-x64

8 signatures

150 seconds

Behavioral task

behavioral29

Sample

353a75d0ad34c89fbdd11ec9cc6f6ea302f5669c5c1326686f7d328e656d1ea5.exe

Resource

win10-20240404-en

windows10-1703-x64

7 signatures

150 seconds

Behavioral task

behavioral30

Sample

391ac1ceedd3c960f32890f834a86ba1570ee5a0cc12dcef1714d43bb29fc457.exe

Resource

win10-20240404-en

discovery upx

windows10-1703-x64

6 signatures

150 seconds

Behavioral task

behavioral31

Sample

d4cb60a0e93c856f642f862e51cf4af34f626c8d1e1b995b5e9dfb3e72db1101.hta

Resource

win10-20240404-en

agenttesla credential_access defense_evasion discovery execution keylogger spyware stealer trojan

windows10-1703-x64

18 signatures

150 seconds

Behavioral task

behavioral32

Sample

e0fa6d69b26f18cfdef3bd930d067eca476b3d2cb78d14bec88f05ae87d25b1e.msi

Resource

win10-20240404-en

discovery persistence privilege_escalation

windows10-1703-x64

8 signatures

150 seconds

Report Analysis Logs

General

Target

0581756a656ace2e7d164b1f66846e9d079755bd7a5cead72e73b53ab534531b.exe
Size

205KB
MD5

de219cb5f5073be86d74f4bee29d9e79
SHA1

649067f9e029a2c051e3789d7140e026ab5473a2
SHA256

0581756a656ace2e7d164b1f66846e9d079755bd7a5cead72e73b53ab534531b
SHA512

b1904394d148fa382553bdbc913124cf87a92649614b5c134bf54b2e85f692179b98ed69487afba51d20ee4c7ac0ff236f85eaf20ff91099a9c3ecc2c105457d
SSDEEP

768:lfGgTViahszDO2fGgTViahszDOUYq0YOafGgTViahszDO3efGgTViahszDO:F4WsOK4WsOUYq0YOW4WsOS4WsO

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	0581756a656ace2e7d164b1f66846e9d079755bd7a5cead72e73b53ab534531b.exe

Processes

C:\Users\Admin\AppData\Local\Temp\0581756a656ace2e7d164b1f66846e9d079755bd7a5cead72e73b53ab534531b.exe
"C:\Users\Admin\AppData\Local\Temp\0581756a656ace2e7d164b1f66846e9d079755bd7a5cead72e73b53ab534531b.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads