Analysis
-
max time kernel
120s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
28/09/2024, 01:04
General
-
Target
aea7050a7ae8e1d1a7bfb2409106127a04eb98aecfffb56553c5734013c5b952.exe
-
Size
1.8MB
-
MD5
61f4456f9848da1f5385799415ff8e69
-
SHA1
a2a9d105f702e9c87a6e06b569e88c68b6a60129
-
SHA256
aea7050a7ae8e1d1a7bfb2409106127a04eb98aecfffb56553c5734013c5b952
-
SHA512
6f4fe34174e5c481ee11a3eb27c9234ff762d469af76c849d44534708cf2040c7a54f0f183d4f6dbc4a40c05520b48fffe0e4717722704037939842828f66f9e
-
SSDEEP
24576:vQG7WX244ic24fdzW10LTldd8VpZ++FBg6YLmhDk35nJuFGmZTrpx:vB8nBdcSAR0F9T9x
Score
6/10
Malware Config
Signatures
-
Checks for any installed AV software in registry 1 TTPs 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of FindShellTrayWindow 10 IoCs
-
Suspicious use of SendNotifyMessage 10 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\aea7050a7ae8e1d1a7bfb2409106127a04eb98aecfffb56553c5734013c5b952.exe"C:\Users\Admin\AppData\Local\Temp\aea7050a7ae8e1d1a7bfb2409106127a04eb98aecfffb56553c5734013c5b952.exe"1⤵
- Checks for any installed AV software in registry
- System Location Discovery: System Language Discovery
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx