70670f49d116ee0bd3272072b4727a41b1c0dccdcf869879d5f809274e925f5a

Analysis

max time kernel
94s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
07/09/2024, 22:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

70670f49d116ee0bd3272072b4727a41b1c0dccdcf869879d5f809274e925f5a.exe
Size

258KB
MD5

016c8dc395976332029a6f2fec755715
SHA1

53ec3ead03fbf3ff9e5c975a23af01889d52c818
SHA256

70670f49d116ee0bd3272072b4727a41b1c0dccdcf869879d5f809274e925f5a
SHA512

6abf418b1da3f556fc58ee85c304e771db733957c7d9fdaa3f280965d509d6741afd387cd868c0d1b1c444caeb22a1447cba4e8bb82e7b09873d55d7a425af08
SSDEEP

6144:Rq7apaEFk1fhDPFdrcSVynk8/8boJ/QXt:3LIhDA8IoXt

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	70670f49d116ee0bd3272072b4727a41b1c0dccdcf869879d5f809274e925f5a.exe

C:\Users\Admin\AppData\Local\Temp\70670f49d116ee0bd3272072b4727a41b1c0dccdcf869879d5f809274e925f5a.exe
"C:\Users\Admin\AppData\Local\Temp\70670f49d116ee0bd3272072b4727a41b1c0dccdcf869879d5f809274e925f5a.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:3304

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads