553cfbf1aec44f3baf003f3a095e9638d4c3ec4aa387e07cf64ff69601353306

Analysis

max time kernel
130s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29-08-2024 01:37

Target

Sena.exe
Size

1.0MB
MD5

9872c633ef83d043cfca1609c7668719
SHA1

116579be25c526f3fb21620263467717e52db237
SHA256

553cfbf1aec44f3baf003f3a095e9638d4c3ec4aa387e07cf64ff69601353306
SHA512

93bc495d230f8198e573275c037db8b3487ef8cf1ae7029a01998018f4694e2a793bc9bc73e776e171870f0ac1ebbaf3a917ec8da5be235586569989dd0be0e1
SSDEEP

24576:/EoScovLgGCJv+gy4xwpdvGzk+kKufpF:/UcoDTCBtxCdeQ+

Score

3^/10

discovery

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

System Language Discovery

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Sena.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
5064	Sena.exe

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/5064-0-0x00000000749BE000-0x00000000749BF000-memory.dmp

Filesize
4KB

Download
memory/5064-1-0x00000000000B0000-0x00000000001BA000-memory.dmp

Filesize
1.0MB

Download
memory/5064-2-0x0000000007060000-0x000000000725A000-memory.dmp

Filesize
2.0MB

Download
memory/5064-3-0x00000000749B0000-0x0000000075160000-memory.dmp

Filesize
7.7MB

Download
memory/5064-4-0x00000000749B0000-0x0000000075160000-memory.dmp

Filesize
7.7MB

Download
memory/5064-5-0x0000000005CB0000-0x0000000005CB8000-memory.dmp

Filesize
32KB

Download
memory/5064-6-0x00000000749B0000-0x0000000075160000-memory.dmp

Filesize
7.7MB

Download
memory/5064-7-0x00000000060C0000-0x00000000060F8000-memory.dmp

Filesize
224KB

Download
memory/5064-8-0x0000000005CD0000-0x0000000005CDE000-memory.dmp

Filesize
56KB

Download
memory/5064-9-0x00000000067C0000-0x0000000006826000-memory.dmp

Filesize
408KB

Download
memory/5064-12-0x00000000749BE000-0x00000000749BF000-memory.dmp

Filesize
4KB

Download
memory/5064-13-0x00000000749B0000-0x0000000075160000-memory.dmp

Filesize
7.7MB

Download
memory/5064-14-0x00000000749B0000-0x0000000075160000-memory.dmp

Filesize
7.7MB

Download
memory/5064-15-0x00000000749B0000-0x0000000075160000-memory.dmp

Filesize
7.7MB

Download