Analysis

  • max time kernel
    94s
  • max time network
    97s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    18-09-2024 00:52

General

  • Target

    912e6f70db9ba286a54cc10bcafd2229.exe

  • Size

    7.7MB

  • MD5

    912e6f70db9ba286a54cc10bcafd2229

  • SHA1

    1f553fd4294cbcf42e1cac856bd4af0ea212ad52

  • SHA256

    05b48d0a491fba3c3f794c398dbfd09f73380923f16d2d40ab90befeb16fbd01

  • SHA512

    f136138416c68d0d1c916bdda2c20dab16f985f8c771049bd0d88e8686f3d8dacd389a20310f7f5b0847a90e7e1209888514a81888b26af4511cd89e14a87d49

  • SSDEEP

    196608:SUz+PBFhD0P4PA3aZKbFL7z/kcP6lI5jtVBh1a:MPBFhD0P4Pwy+FL7bkZlI5z

Malware Config

Signatures

  • Detects HijackLoader (aka IDAT Loader) 1 IoCs
  • HijackLoader

    HijackLoader is a multistage loader first seen in 2023.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\912e6f70db9ba286a54cc10bcafd2229.exe
    "C:\Users\Admin\AppData\Local\Temp\912e6f70db9ba286a54cc10bcafd2229.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1784

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/1784-0-0x0000000000E20000-0x0000000000E21000-memory.dmp

    Filesize

    4KB

  • memory/1784-4-0x0000000000400000-0x0000000000BE5000-memory.dmp

    Filesize

    7.9MB