c1a4448bea3bc8f763bb8a55ed0419e1564f117763db23a7cb1045a493883e49

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
08-09-2024 17:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

CJ_ZJJJS_BX2.1/Menu/Menu.exe
Size

553KB
MD5

3f9c5d06f4f77ef012ee2e585ba0666e
SHA1

7b0b6f74013de2c1a39026aa3293ffe684cf9875
SHA256

cc87870236f45f30ba6054a58ebe4842771378213d6058d98feb30bc0609cae6
SHA512

52df75b9dee48c4d604e9070f4c1a55c1e8e19b2f25a8385137cb8bcceb8c82a37981b11d9d424c00c8755f75d811e93007db12e5c45de201a959bcf67a67521
SSDEEP

12288:WV+mzB+vAbdFWhYF6oLxGIMn1QDKNA2EkkKkapv6T:W8MdkaE4GIMn1QeNAykrapc

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Menu.exe

C:\Users\Admin\AppData\Local\Temp\CJ_ZJJJS_BX2.1\Menu\Menu.exe
"C:\Users\Admin\AppData\Local\Temp\CJ_ZJJJS_BX2.1\Menu\Menu.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2680

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2680-324-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download