b635555deae2b2eeefc8996e10eb13bc82b82376d9848892853925703cc76dea

Analysis

max time kernel
148s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
29/08/2024, 19:17

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

SecEdit.exe
Size

37KB
MD5

e8ef5acdb53a2e739b2b12253766d6cf
SHA1

9a62d107955e4ea948c496cb6ec2191381932be8
SHA256

aa8bb9732afa8666981ecc6e9a5600f8f5e062d51dffe5d63758542848512fd7
SHA512

0ab3a5e8dcf73b247ec54b9d498891d7f2642b5420f831c657543794952a88493bd749a84c122d45129953c5c7bb00027dd5701824a75cfd419817d9fe518271
SSDEEP

384:/qbUG+YE89bzFa2Ox41jlLpq4d7SxPGabWAzHiWOaXq0lDf2Bh7/oSXkoQfwZq:ibN+YPbH91jVgsOPGaT9JqT7/pXkOq

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SecEdit.exe

C:\Users\Admin\AppData\Local\Temp\SecEdit.exe
"C:\Users\Admin\AppData\Local\Temp\SecEdit.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2536

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads