ba06433033d955289c16e22468ce3ab721e7bbadb5a1562259df84ab1051d0e0

Analysis

max time kernel
139s
max time network
121s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
19-08-2024 12:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aspi/aspiinst.exe
Size

64KB
MD5

1094d113e10f70607000efac3c974761
SHA1

6007e2b97d19199db51f5f95c99ec04179dfca13
SHA256

878327d38dc71ce422e18fe5acdd6a26a11eff56bf8ce428edd63d42491a653a
SHA512

da070f00b138f3828d1c90993a215761963e3f7f5c88a44d45e62b44bcb0022960110f69952b80ef332f8b2d4027042282c0d1487c651787e39383867fcdeb8e
SSDEEP

768:mz9p+8En/UJV9osiN/ki/1XHjZ48SAj1b4FJD4oGpgQ4co/4:m7+8EgSPN8i/FZ4VfFJMokL4co/4

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	aspiinst.exe

C:\Users\Admin\AppData\Local\Temp\aspi\aspiinst.exe
"C:\Users\Admin\AppData\Local\Temp\aspi\aspiinst.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3628

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads