Analysis
max time kernel: 96s
max time network: 123s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 11/09/2024, 06:56
Static task: static1
Behavioral task: behavioral1
Sample: 9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe
Resource: win10v2004-20240802-en
General
Target: 9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe
Size: 9.9MB
MD5: 1460d169b4e85d2c5ace8ff4f96e76f1
SHA1: 7f4c6f58aada84e42cb9f20e39733d1321829955
SHA256: 9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35
SHA512: 6980e8fc7d0391ad8975580b01ada9d4b6f8b627370e45fc7ec666bb1a41cf4d095beb2e910dd458d014754156964112b09bf60250c8c27f4b42d6b584ea2d2f
SSDEEP: 196608:yvS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:yvRrDjtLKkOa8ps6puAktIz
Malware Config
Signatures
Downloads MZ/PE file

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 1060
Process: 9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe
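The two behavioural signatures above, written out as detection logic and run over constructed trace lines. This is an added example by the editor, not code or output from the sandbox; the key=value trace format, the benign decoy processes (explorer.exe, ctfmon.exe) and every PID other than 1060 are assumptions, and the ATT&CK sub-technique ID in the comment is the editor's mapping, not one the report states.

```python
"""Detection logic for the two behavioural signatures in the report above:
the sample opening the NLS Language registry key (System Language Discovery)
and calling SetWindowsHookEx. Editor's example, not sandbox code or output."""
import re
from collections import defaultdict

# Key the report shows being opened. ControlSet001 is what the sandbox logged;
# CurrentControlSet is a link to the active control set, so accept both.
LANGUAGE_KEY_RE = re.compile(
    r"^\\REGISTRY\\MACHINE\\SYSTEM\\(?:ControlSet\d{3}|CurrentControlSet)"
    r"\\Control\\NLS\\Language$",
    re.IGNORECASE,
)

# Both the ANSI and Unicode exports install a hook.
HOOK_API_RE = re.compile(r"^SetWindowsHookEx[AW]?$")

# Hypothetical key=value trace format (an assumption, not a real sandbox schema):
#   pid=<n> image="<path>" op=<RegOpenKey|ApiCall> target="<key or API name>"
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_event(line):
    """Split one trace line into a dict, stripping quotes from quoted values."""
    fields = {}
    for key, value in FIELD_RE.findall(line):
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        fields[key] = value
    return fields


def classify(event):
    """Name the report signature an event triggers, or None."""
    op, target = event.get("op"), event.get("target", "")
    if op == "RegOpenKey" and LANGUAGE_KEY_RE.match(target):
        # ATT&CK T1614.001 is the editor's mapping; the report gives no ID.
        return "System Location Discovery: System Language Discovery"
    if op == "ApiCall" and HOOK_API_RE.match(target):
        return "Suspicious use of SetWindowsHookEx"
    return None


def scan(trace_text):
    """Map each PID to its image path and the set of signatures it triggered."""
    hits = defaultdict(lambda: {"image": None, "signatures": set()})
    for line in trace_text.splitlines():
        if not line.strip():
            continue
        event = parse_event(line)
        signature = classify(event)
        if signature is None:
            continue
        pid = int(event["pid"])
        hits[pid]["image"] = event.get("image")
        hits[pid]["signatures"].add(signature)
    return dict(hits)


def triage(hits):
    """Order processes by signature count so co-occurring behaviours surface first."""
    return sorted(
        ((pid, h["image"], sorted(h["signatures"])) for pid, h in hits.items()),
        key=lambda row: (-len(row[2]), row[0]),
    )


# Constructed trace. PID 1060, the image path and the registry key are the ones
# the report lists; explorer.exe and ctfmon.exe are made-up benign decoys.
SAMPLE_TRACE = r"""
pid=1060 image="C:\Users\Admin\AppData\Local\Temp\9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe" op=RegOpenKey target="\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language"
pid=1060 image="C:\Users\Admin\AppData\Local\Temp\9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe" op=ApiCall target=SetWindowsHookExW
pid=2244 image="C:\Windows\explorer.exe" op=RegOpenKey target="\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
pid=2244 image="C:\Windows\explorer.exe" op=ApiCall target=GetSystemDefaultUILanguage
pid=3120 image="C:\Windows\System32\ctfmon.exe" op=ApiCall target=SetWindowsHookExW
"""

if __name__ == "__main__":
    for pid, image, signatures in triage(scan(SAMPLE_TRACE)):
        print(f"{pid:>6}  {image}\n        {'; '.join(signatures)}")
```

Two caveats the decoys are there to show. The registry rule is keyed on the exact path the sandbox recorded, so a sample that reads the language through an API such as GetSystemDefaultUILanguage instead of the key never trips it; and SetWindowsHookEx on its own is weak evidence, since input-method and accessibility components install hooks legitimately, which is why the triage step ranks the process that triggered both behaviours ahead of the one that only installed a hook.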
Processes
C:\Users\Admin\AppData\Local\Temp\9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\9ec0d2619dda79b2dd133f5a68eaf160dd4f4b230704d7f67beb6c86eda76c35.exe"
PID: 1060
Signatures: System Location Discovery: System Language Discovery; Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 2KB
MD5: 7c3581cdd20432abcfffd2286f44a91f
SHA1: da531412641c9be1f20db06d3d71107155656eeb
SHA256: 0fc37956bb794fd4fd3a6bfc8172f9b57112d875b4724b5fc00a284c0cab18e3
SHA512: bce875cb86566f964c2f5339ea5c09218c0d42e6f64b99e325e4f59db3d8ed3cfd49e1f922df6b54814ed14bd4ec088b0d2be7087f7046f7e750ce89d8ee43f9

Filesize: 6KB
MD5: 2fe0e12860b69192698cc23bb3e34694
SHA1: e735de81fde08520bc84da6f051fa48a43ef53f4
SHA256: 4b168ab2b0c9eb251ba58e36be24943bcf2fdd3e613090d7150d31d2d871bf92
SHA512: 5931f091678d014fa7d5cb5be06d9bdf1a434f29f9f4d8517b8e24b3fee9691095b653e6a22ad6b6252638a8fa68a7b92bc8db360fe4f72f2e93b2fa67734cea

Filesize: 38B
MD5: 077b91b403832370daa65ac840efb055
SHA1: 764e41c0f49435df945ca7cfa1f2878d98d0a646
SHA256: 4c9de4d1eb5348c2b8b457d3fd729e260aa6f262ce4765ebdbc33aa23595e2fe
SHA512: e0f1295bed15ac1b33149da8dd6764fcfe968ebfa7b332b95255d892c55d4b496cf5d0ffaf3bbdffabc47f7e96e0a8c8bbc86d78682d5f93bd4c4ab0cca5ceac