Analysis
- max time kernel: 94s
- max time network: 97s
- platform: windows10-2004_x64
- resource: win10v2004-20240802-en
- resource tags: arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
- submitted: 18-09-2024 00:52
Behavioral task: behavioral1
Sample: 912e6f70db9ba286a54cc10bcafd2229.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 912e6f70db9ba286a54cc10bcafd2229.exe
Resource: win10v2004-20240802-en
General
- Target: 912e6f70db9ba286a54cc10bcafd2229.exe
- Size: 7.7MB
- MD5: 912e6f70db9ba286a54cc10bcafd2229
- SHA1: 1f553fd4294cbcf42e1cac856bd4af0ea212ad52
- SHA256: 05b48d0a491fba3c3f794c398dbfd09f73380923f16d2d40ab90befeb16fbd01
- SHA512: f136138416c68d0d1c916bdda2c20dab16f985f8c771049bd0d88e8686f3d8dacd389a20310f7f5b0847a90e7e1209888514a81888b26af4511cd89e14a87d49
- SSDEEP: 196608:SUz+PBFhD0P4PA3aZKbFL7z/kcP6lI5jtVBh1a:MPBFhD0P4Pwy+FL7bkZlI5z
Malware Config
Signatures
- Detects HijackLoader (aka IDAT Loader) 1 IoCs
  resource: behavioral2/memory/1784-4-0x0000000000400000-0x0000000000BE5000-memory.dmp; yara_rule: family_hijackloader
- HijackLoader
  HijackLoader is a multistage loader first seen in 2023.
- System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: 912e6f70db9ba286a54cc10bcafd2229.exe