Analysis
max time kernel: 1050s
max time network: 1051s
platform: windows10-1703_x64
resource: win10-20240611-en
resource tags: arch:x64, arch:x86, image:win10-20240611-en, locale:en-us, os:windows10-1703-x64, system
submitted: 11-08-2024 18:10
Behavioral task: behavioral1
Sample: GreenUltra.exe
Resource: win10-20240611-en
3 signatures
150 seconds
General
Target: GreenUltra.exe
Size: 430KB
MD5: 1c24c522afb5602ab2055141e56fb00c
SHA1: ffa192df8a8df977fcc50ac81b8f8bdc2ee4ce39
SHA256: 4a4d3e1f42bd552d2a3367cb34d1135b451696daf0d5d6ece922b5d9ce024f06
SHA512: d0a502002a0b6845d4a7da8a0a3d97821de8a2935ccde83174ba619fef353aa65eb1df95d06cf808d03b5ce42b30baa147b0757228e3922a7e9a9fa6be37889d
SSDEEP: 6144:tvRscHtVzjwIRFzJZ2p26+jFWXYnj9iT2ebvXmUcCqkmAO2djXH7icDP3:tvRs4OIm2hWX4U2ebvRUAd77h3
Score: 3/10
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes: GreenUltra.exe
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process: GreenUltra.exe
Suspicious use of FindShellTrayWindow (1 IoCs)
Processes: GreenUltra.exe
pid: 4488
process: GreenUltra.exe
Suspicious use of SendNotifyMessage (1 IoCs)
Processes: GreenUltra.exe
pid: 4488
process: GreenUltra.exe