Analysis
-
max time kernel
15s -
max time network
20s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
13/08/2024, 15:01
General
-
Target
db02d449cb8ced95541585c5cc201800N.exe
-
Size
3.1MB
-
MD5
db02d449cb8ced95541585c5cc201800
-
SHA1
ad816c159eb8eb6c7992a7378e70b60ea72a00fd
-
SHA256
15682964d60b9ab4ffcb5476a314257092257984bd256fd77e738aafd390bd87
-
SHA512
bee939b745308b759ad1e066d531558fba1de0557aca1e99d4276cf765a6844cd32743abfdc7c68138726c0cf84e069d390c5fd12182e19733a30ef11be67416
-
SSDEEP
98304:G2cPK8SzPp4NE88c2TnCIII9rWecF7AbGCHQ6N:pCKVEE88c2rIKWe9wu
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of FindShellTrayWindow 12 IoCs
-
Suspicious use of SendNotifyMessage 12 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\db02d449cb8ced95541585c5cc201800N.exe"C:\Users\Admin\AppData\Local\Temp\db02d449cb8ced95541585c5cc201800N.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage