20d41bf0390ce8a97ac766cc11efafc7d500d06eac463a344cfa8357f439db7c

Analysis

max time kernel
135s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20-08-2024 16:29

Target

Dithyramb.exe
Size

233KB
MD5

be218fb27c5c0611e1c87d065c8d3efd
SHA1

95df86a58ca5efdd004b7215200e9f38eaf60442
SHA256

20d41bf0390ce8a97ac766cc11efafc7d500d06eac463a344cfa8357f439db7c
SHA512

903963e757cb23c23d0b19a5089d916f79c57663823b6d14b6665f1cdf31c860acdece4065081941fda9e1ae1e784a66d3053fe1540f47a831852f2b34afdbd6
SSDEEP

3072:vjNCYNDN4wm4DtJH6FqEWJ+ee5DTPJH/mYzsFbdhdSrs/fPfBhPkRUcxaXaAoqHb:vRrqCedLJH/mYzcbMoHXTJPAORs

Score

6^/10

discovery

Drops desktop.ini file(s) 1 IoCs

Processes:

Dithyramb.exe

description ioc process

File created C:\Users\Admin\Desktop\desktop.ini Dithyramb.exe
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

Dithyramb.exe

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language Dithyramb.exe

description	ioc	process
File created	C:\Users\Admin\Desktop\desktop.ini	Dithyramb.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Dithyramb.exe

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact