2af164c460e188894fb239ed388f7499164b9854bbcf495b1296017d78040fff

Analysis

max time kernel
133s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2024, 06:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

一级B.exe
Size

10.5MB
MD5

5c744c4415376dbd54d747974dd93a61
SHA1

0d18113c9a7429ff08f8f2be317201b777ad4977
SHA256

1422bf410680dd763c541083e6dcb7ad0dea49edf0a0c191f72c28f0f9c25264
SHA512

e36375c4dcdc9f4eacfae1974841d0d03c2b007ce7f4e7cfe80f95390ee88c0b77b201821b1452f6071cdf8f9b538578b540e8d8deaeb0450d0643e313802eff
SSDEEP

196608:2yWseFNP5z8EgcqebndRLTdrIMixhhFH9qyRw9fdB2L:2yWsuL8hCdRlrIDAvlBy

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	一级B.exe

C:\Users\Admin\AppData\Local\Temp\一级B.exe
"C:\Users\Admin\AppData\Local\Temp\一级B.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:1248

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads