a222ddb6883076234c7aeac46b0b863f148081ed4470080b1d444a26dbad6177

Analysis

max time kernel
94s
max time network
16s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
26/08/2024, 00:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ae7167d4fe5683fe6cff9b40854e72c0N.exe
Size

61KB
MD5

ae7167d4fe5683fe6cff9b40854e72c0
SHA1

235003dfeec6cd4539cb8dc15e25b3b806192ae3
SHA256

a222ddb6883076234c7aeac46b0b863f148081ed4470080b1d444a26dbad6177
SHA512

4a19f2e4358fa632e31c6349e7ff751f4abf92a376f018d55572629cf3a52ee20bbb2d59ec69277cbc241551346f961a6c4ec1f906f16d7d2326c8343c8951d8
SSDEEP

768:LzvoC6/YFBpsBl+9MHgx1H9xllMGCaj1H9xllMGCHwRaO0GFHJ3ruWh8:LzQC2YFBp809MHgx1Tj1bRFZHJ3ruWh8

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	ae7167d4fe5683fe6cff9b40854e72c0N.exe

C:\Users\Admin\AppData\Local\Temp\ae7167d4fe5683fe6cff9b40854e72c0N.exe
"C:\Users\Admin\AppData\Local\Temp\ae7167d4fe5683fe6cff9b40854e72c0N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:568

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/568-0-0x0000000001000000-0x0000000001019000-memory.dmp

Filesize
100KB

Download
memory/568-1-0x0000000001000000-0x0000000001019000-memory.dmp

Filesize
100KB

Download