cc51d534334fded9ebc813c4ffa0f7c46e97d17592b9973020075c91f2534105

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
23-09-2024 18:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

$APPDATA/konto-eroeffnen/constants/makecert.exe
Size

39KB
MD5

ed1c00557cde869caa963bbf9c820f05
SHA1

53bbd8b86fcbee9316e02af399634522b12539b0
SHA256

4d50ce341be70511e9a871dd347b3f5793ea97787cdfc92045c0bcc8aae6e298
SHA512

509afc51b647a6904a3a4abf04b43dfaee5fa0878c3a822fce84dd58ce2ab1c15a38610487c520ca6f7c42ed37d754df55a82b0a81a28d31493f2535d9568405
SSDEEP

768:fqKIjHhW0CfW0FKT7vZKP1xG69D1/gEehcaLnTJ/2acSd:3RnfW0eoPPXpCnTJ/2acSd

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	makecert.exe

C:\Users\Admin\AppData\Local\Temp\$APPDATA\konto-eroeffnen\constants\makecert.exe
"C:\Users\Admin\AppData\Local\Temp\$APPDATA\konto-eroeffnen\constants\makecert.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2548

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads