Analysis
max time kernel
150s
max time network
150s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
27-09-2024 15:58
Static task
static1
Behavioral task
behavioral1
Sample
RichardsonElectronicsLTD.PRD10221301UUE.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
RichardsonElectronicsLTD.PRD10221301UUE.exe
Resource
win10v2004-20240802-en
General
Target
RichardsonElectronicsLTD.PRD10221301UUE.exe
Size
6KB
MD5
a93062ea78a516e011dfd18d4c462c87
SHA1
3ce876b96600c4d0252c73fa97c4ed0764b29503
SHA256
3b799063aa6a0a79e4a160b4650dc3199ebe128d1a183de4591e03a0b29674f1
SHA512
b8fb16d0ad87a7a17c461e38dae2ec6a9ce62811ae8dd64f4d69e235bd3252055c62985bf3a2f1b569f8930db881f13a795db8dee2856aeac282f1dc3eb37948
SSDEEP
96:Ey0sGxi1iavaSmlsXmMHuptEknfR5M+8lpoFvbOElQouRzNt:vRZvaDa2eu/lffAoBbOcQlz
Malware Config
Signatures
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
RichardsonElectronicsLTD.PRD10221301UUE.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
description
Token: SeDebugPrivilege
pid
1732
Process
RichardsonElectronicsLTD.PRD10221301UUE.exe