Analysis
-
max time kernel
52s -
max time network
18s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
-
submitted
22/08/2024, 15:49
General
-
Target
Lag Switch V2.exe
-
Size
1.4MB
-
MD5
93ad909cede375ef9310f1b9e03f91cd
-
SHA1
0c04e07f4b2134cb3d8b5ac13905a44d869b12b7
-
SHA256
92b335fc008d816a24b04cd6ce508be035dfccfe565bb06ac2ca7f2f9629bd83
-
SHA512
d285700eeffa68e2d2418a65918308712158d55416f807d9c1f975edd30020168398eeaa2a46280bbed64c44477ec58e71b28458594facf4071bf40a867e4b74
-
SSDEEP
12288:bcJuVwr4FVkY3cT65ZGmeQx2X/8VEhFbnPA/J52GiipuuRXEt+FW5IwC/67GhT9w:Ljnk5/8449WywC/6yhT5eeUV0olqcGo
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 3 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Lag Switch V2.exe"C:\Users\Admin\AppData\Local\Temp\Lag Switch V2.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c cls2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\cmd.exeC:\Windows\system32\cmd.exe /c cls2⤵
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.0MB
-
Filesize
2.0MB
-
Filesize
2.0MB