4d504bb989d53d0ac69b06091c2f8d573551dbd66e8823be4d7b52971d0b40fb

Analysis

max time kernel
139s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
11-08-2024 09:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Infatica P2B/infatica_agent.exe
Size

3.5MB
MD5

9012ee01a6f382cded63a3184d504bed
SHA1

d6f899531a38f0837d995f0acbc5e1538f69236e
SHA256

4f966328f131988979eb1401e9ef512836b35e79502877e00566a261b58409cb
SHA512

b77d368f3ee2dba23d5742ed0059bb308d1efb08836a7fbd9a310f9771c17797937b81fb57c230531ca22543e82ac0174b6a5876916050c1011f5878b7d325b4
SSDEEP

49152:XRs2r1IKqvQtRWme4s5LVc/fp18n5Igsxjq2iOIr+3r4ArUZ8:hs2SpyEme4fOTwq2iOLkQm8

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	infatica_agent.exe

C:\Users\Admin\AppData\Local\Temp\Infatica P2B\infatica_agent.exe
"C:\Users\Admin\AppData\Local\Temp\Infatica P2B\infatica_agent.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:376

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads