Analysis
-
max time kernel
93s -
max time network
96s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
14-09-2024 05:55
General
-
Target
Notepad++/notepad++.exe
-
Size
1.1MB
-
MD5
afe371c78fe149d8f126d2f03162b431
-
SHA1
6e0b1c2c6091731632e5f23752f82813f6c6af8e
-
SHA256
26bc1eeed81306666ec5acf83e60cf2658a3a5f758b8dd9a39bdec725e0091fd
-
SHA512
5a6fc640d9e2d0cb5fe849df41b9da3b73f371976a93f8cc1dfedc14a056ac4d697f33edb5b46deeec8345d817302857599d965747900b5899330df14e692ebb
-
SSDEEP
24576:i0hzmmgsNWW8BJzUN1LeyBTn5ZOZwppGz6ORGP9:iNs18BM5SZwnGzDRG
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Notepad++\notepad++.exe"C:\Users\Admin\AppData\Local\Temp\Notepad++\notepad++.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
94B
MD5f09a3bfdbdf50906be99bd2d2f152ae0
SHA1ae513e6995f9483024ed23049d035719870bea9b
SHA256532ee5b09076e412561abf2d7996e3382c5213c4f67f194592bd13f171cdf2cf
SHA512c47e353bfabb7a38abf5d7ff2c2a37f78eeab40f1456e7a886d8fd8222f3bbd743d20be14b4d88178eebce082b497e93a760f7a55c00f799de0d7ac80d1fede4
-
Filesize
132B
MD55585f70c3cb5079ddd10770c6dfcafc1
SHA14bad9f131e4081f827dfd61ca9bd58b70595c42f
SHA2568d7ed1f8e4ed1bb4ad5b4e1de8ab96d52b305c3db984932938fbd1767e3f7dd9
SHA512df39e4355b40af5fabe3f94932bf2c7ac0bed086d13b60879d2e59ba1d1f6d5a49e5fcce963ff4100ef961deb13b4e6853308122b802e0353887d35cdb7b6729
-
Filesize
232KB
-
Filesize
56KB
-
Filesize
192KB
-
Filesize
76KB
-
Filesize
332KB
-
Filesize
88KB
-
Filesize
232KB
-
Filesize
92KB