75f4258078e1324f26db6963f0a82cc580a292800c8cb2a4b878a5d9376954ce

Analysis

max time kernel
16s
max time network
17s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
03-09-2024 02:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bc2923581cd62a78485fff42aaa71450N.exe
Size

201KB
MD5

bc2923581cd62a78485fff42aaa71450
SHA1

73dfd4d3d5b215b7a860877d5d7932b45b253dd6
SHA256

75f4258078e1324f26db6963f0a82cc580a292800c8cb2a4b878a5d9376954ce
SHA512

e8c25784ed8c8c0e79b9b424e08169c85491f0fcb2749e63e1fe7e7891f7af2a6cc6a5e26e85222c5dd8bf340f858badd17c2654a6bfb71ea13ef4bfcf15651e
SSDEEP

3072:6e7WpXYvnh3EQmJ0QmJ3WHIjN3tj6qnv0b2UrXkbvLd:RqRS0IjNDv0bNXkbvLd

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	bc2923581cd62a78485fff42aaa71450N.exe

C:\Users\Admin\AppData\Local\Temp\bc2923581cd62a78485fff42aaa71450N.exe
"C:\Users\Admin\AppData\Local\Temp\bc2923581cd62a78485fff42aaa71450N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:300

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads