f58aee096e11a250ccaf0d4460ef83a03bb3d6e52de242f616b23a10fdfa4794

Resubmissions

24-08-2024 03:44

240824-eap3ystbql 7

Analysis

max time kernel
135s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
24-08-2024 03:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Valorant-Triggerbot-main/meh.exe
Size

168KB
MD5

06623b79ead1b71c096e387985d2ebb1
SHA1

d609ded4e12be1257fd16cb222408f8613160385
SHA256

3b88b143b1ab0be5aca4f714e187245791a87d6b8c0fe10715079bb8cbbb3d95
SHA512

598ecad496019046b47b01e2620c99bda071ce36f30899031456532e806948367dbdb61442baee11815e57a4c2d809d21773b891049a7d98499dd19523e6b3b0
SSDEEP

3072:VeBnrLqj5I26idJMZpabNCfibe0SyKPwEfoq6RVgIHvu:YnSS1iPMZpjijKZaHvu

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	meh.exe

C:\Users\Admin\AppData\Local\Temp\Valorant-Triggerbot-main\meh.exe
"C:\Users\Admin\AppData\Local\Temp\Valorant-Triggerbot-main\meh.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2620

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads