c7c7c3282cd5f269e31b45603f9b6a2d9f901ef324e50a6b90cc992df14de724

Analysis

max time kernel
14s
max time network
19s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19-09-2024 06:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c7c7c3282cd5f269e31b45603f9b6a2d9f901ef324e50a6b90cc992df14de724.exe
Size

1.3MB
MD5

e7c14bb0ff7f296d5dc1d6dafc42a676
SHA1

0eba52c43ed568868c9f8d34f1b18a2d71be656a
SHA256

c7c7c3282cd5f269e31b45603f9b6a2d9f901ef324e50a6b90cc992df14de724
SHA512

e2ee7a23834d1b5177be31358860629d6e10b2ee2385ed67ba00cf8edf12bc1abd380faa058f96b8a10c2279c9d47efc92e1ef9ae57512a452dd5eefc22750cb
SSDEEP

12288:JEiB+tKUMAdB8qr0zw9iXQ40AOzDr5YJjsF/5v3ZkHRik8K:JEiB9atr0zAiX90z/F0jsFB3SQkz

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	c7c7c3282cd5f269e31b45603f9b6a2d9f901ef324e50a6b90cc992df14de724.exe

C:\Users\Admin\AppData\Local\Temp\c7c7c3282cd5f269e31b45603f9b6a2d9f901ef324e50a6b90cc992df14de724.exe
"C:\Users\Admin\AppData\Local\Temp\c7c7c3282cd5f269e31b45603f9b6a2d9f901ef324e50a6b90cc992df14de724.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2716

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2716-8-0x0000000000360000-0x00000000003C7000-memory.dmp

Filesize
412KB

Download
memory/2716-11-0x0000000000400000-0x0000000000555000-memory.dmp

Filesize
1.3MB

Download
memory/2716-1-0x0000000000360000-0x00000000003C7000-memory.dmp

Filesize
412KB

Download
memory/2716-0-0x0000000000400000-0x0000000000555000-memory.dmp

Filesize
1.3MB

Download