Overview

overview

3

Static

static

3

094ad63a5d...0N.exe

windows7-x64

3

094ad63a5d...0N.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    103s
  • max time network
    108s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/08/2024, 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    094ad63a5d908db218efbb1cd63a0440N.exe

  • Size

    1.2MB

  • MD5

    094ad63a5d908db218efbb1cd63a0440

  • SHA1

    81907ef3a47303447690d02f530d95ce117af966

  • SHA256

    4cadc183e61b008c9c23d5bbca65aeb67430a9bdeb932d35614ff99b3f985553

  • SHA512

    2ceb0d3350e6b909fdb058bec1a3732612c939867a2d78159e7e3459bf7f29c263a7cf74cb8b23c58224e4219620d245ab9117983f606bc53f53ce2d56d5d6f3

  • SSDEEP

    24576:MDI2fWt3kkeXVix+8VQhcKAaBgEV0gI6zEaYtXac3MHjaAaYvsbh4yF:M6K+Kj8naMKc3t6s

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\094ad63a5d908db218efbb1cd63a0440N.exe
    "C:\Users\Admin\AppData\Local\Temp\094ad63a5d908db218efbb1cd63a0440N.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:624

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads