5312214b15330113f6eab71565e1e3c7d1ee3b59daa6703c271aaf3b192e6809

Analysis

max time kernel
14s
max time network
19s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19-08-2024 06:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

$TEMP/SETUP_73538.exe
Size

1.5MB
MD5

9adce164113ec09d243a78029aecfa2e
SHA1

403fb3148345800ca6f0374459e3f6d5ef3b613e
SHA256

d577804cf39a7af100747f2dcc00c525a19fa3cb0498885d020cc2a0f10a9436
SHA512

c938ccc8b89181e2d5113f31e4adc532b0c62793ba3549dbc7ece22a30219d4f0885e89b1ac01499bed5ea1dd653cbee3b61bdb0883d9980ea4c518ac70b01f5
SSDEEP

24576:4PKxoVT2iXc+8ZJX+6WiaTAsN/3ebTvK+63CWH8iA/iD2hgPjcC8SVdKQ8BB7d:BrZJupdqYH8ia6GcKh7

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

SETUP_73538.exe

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language SETUP_73538.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SETUP_73538.exe

C:\Users\Admin\AppData\Local\Temp\$TEMP\SETUP_73538.exe
"C:\Users\Admin\AppData\Local\Temp\$TEMP\SETUP_73538.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2304

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2304-0-0x0000000000400000-0x000000000058F000-memory.dmp

Filesize
1.6MB

Download