Analysis
-
max time kernel
120s
-
max time network
121s
-
platform
windows7_x64
-
resource
win7-20240704-en
-
resource tags
arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
-
submitted
25-08-2024 09:34
Behavioral task
behavioral1
Sample
25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
Resource
win10v2004-20240802-en
General
-
Target
25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
-
Size
7.4MB
-
MD5
7beb76f5a864c3b43cdf4e375552be25
-
SHA1
1e42aad00cfb00d15bd1cd6ee5ba3436f634addc
-
SHA256
25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31
-
SHA512
92a8ba3eb157cb468eea110ebee9725442edd30e7d689340d5d226f924167e2839408dcb1714f88d1f77eda822fa4fb64f8b8c944b9091774754f3bfac45c322
-
SSDEEP
98304:fnRjFPwrMro2naZQrQe3UDKCYrkyG5b2oD:NbaZJekLv9bv
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
pid | process
2060 | 25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
2060 | 25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe
"C:\Users\Admin\AppData\Local\Temp\25142733bbb155188a2bc3eeb46c7d3b793eadc4a7c4d2cdc15e00f319915e31.exe"
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2060