2268a86783f07b3f2151f7f95512e5d269ed3198688e311829f67161c70a748c

Analysis

max time kernel
110s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
28-09-2024 03:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2268a86783f07b3f2151f7f95512e5d269ed3198688e311829f67161c70a748cN.exe
Size

139KB
MD5

97a43088bab38c790c31854c911e7ff0
SHA1

79faf90626eef343ccf2937c42954da7cdb34851
SHA256

2268a86783f07b3f2151f7f95512e5d269ed3198688e311829f67161c70a748c
SHA512

6e1a8a1251f55842be48abc374d3b8a5e45ecae1323b894c71836873c6b1cc9377d2316c6a7d891330d368114ca813049ae9bcee54e8fd589ad3454b41ccc222
SSDEEP

3072:hs3o8A4M3riN6MhGkgS3PL6pb9t16n5OkhBOPC/n/Fnncr5:hDeM7iNEkgiOb31k1EC3Jq

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	2268a86783f07b3f2151f7f95512e5d269ed3198688e311829f67161c70a748cN.exe

C:\Users\Admin\AppData\Local\Temp\2268a86783f07b3f2151f7f95512e5d269ed3198688e311829f67161c70a748cN.exe
"C:\Users\Admin\AppData\Local\Temp\2268a86783f07b3f2151f7f95512e5d269ed3198688e311829f67161c70a748cN.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2364

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\rifaien2-c6IukZJCkEEmCTKS.exe

Filesize
139KB

MD5
9b75139edde25f8351e5743fcd4b8526

SHA1
66fbdfaa6e5ae2827cab8d82043aee1b55106bb8

SHA256
f84da2baa649245e16d088761c664f9c0be6844b9b629f228fda09921e8bc519

SHA512
b427cc8fef7de9e0205fba98dc5145824a7bfb713b8f86f9cc75839580df82405db1f6bc1e181204c2acb6aa9b8313d25defcf720760bd75a44887fe98570e4f

Download Submit
memory/2364-0-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/2364-7-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/2364-14-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/2364-21-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download