39e4d7f801efc1a080bc588e71473d73f13fad32feb891a25dc04aba1e6fe75c

Analysis

max time kernel
21s
max time network
16s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
14/08/2024, 00:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cda85bf2f84ab8e543b25ac928ce84b0N.exe
Size

272KB
MD5

cda85bf2f84ab8e543b25ac928ce84b0
SHA1

5e764b001bb5f42e5827816230f3f2b47573db34
SHA256

39e4d7f801efc1a080bc588e71473d73f13fad32feb891a25dc04aba1e6fe75c
SHA512

c90571a8c69008053764a28b6a0b302ef209d91b076ed316103932dbef16a2fd54530d159bb5609dd16edec813a07554099ae9dbf272be4396fd58200c66913e
SSDEEP

3072:6e7WpMNca3rytOkWpXfnYRl2l/9HSFHzJ0lBJTzkaXYXpLIwuyKhr1nOc:RqKB+tOkWKR0iJ0lTzk/LIwuyKhr1nOc

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cda85bf2f84ab8e543b25ac928ce84b0N.exe

C:\Users\Admin\AppData\Local\Temp\cda85bf2f84ab8e543b25ac928ce84b0N.exe
"C:\Users\Admin\AppData\Local\Temp\cda85bf2f84ab8e543b25ac928ce84b0N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads