dd25028c732ecc9d3d0f51eb1ed2529b8f50dc05a6afdecc73d7a80d240b6693

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
26/08/2024, 04:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dd25028c732ecc9d3d0f51eb1ed2529b8f50dc05a6afdecc73d7a80d240b6693.exe
Size

165KB
MD5

011bcd64e6abf57f205d5b2002ab7a05
SHA1

3a49ef091c08f3c8be974e86ca4d0a6aa40f31a9
SHA256

dd25028c732ecc9d3d0f51eb1ed2529b8f50dc05a6afdecc73d7a80d240b6693
SHA512

43991a8e9e696e9ea0568d6cffcd9ac664fe1184f6f7169a72132d78c4f462d0096e2a8ec9c38e50761e7db7df5b68e73e4585b33b9c7ce06cb1052733c05814
SSDEEP

3072:8h+uj4y+IEjOrtBTUYvbg3KamnGT7uUY2BrXnnrsmACDkuCPxTxtVS:8ku0y+IUsPcaahY21Xnrsm8ZT5S

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	dd25028c732ecc9d3d0f51eb1ed2529b8f50dc05a6afdecc73d7a80d240b6693.exe

C:\Users\Admin\AppData\Local\Temp\dd25028c732ecc9d3d0f51eb1ed2529b8f50dc05a6afdecc73d7a80d240b6693.exe
"C:\Users\Admin\AppData\Local\Temp\dd25028c732ecc9d3d0f51eb1ed2529b8f50dc05a6afdecc73d7a80d240b6693.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2484

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2484-0-0x0000000001000000-0x000000000102D000-memory.dmp

Filesize
180KB

Download
memory/2484-1-0x0000000001000000-0x000000000102D000-memory.dmp

Filesize
180KB

Download