Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240802-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    03-10-2024 13:25

General

  • Target

    Setup.exe

  • Size

    288KB

  • MD5

    a13bfe522abc659704965388ad4581ee

  • SHA1

    1e5e32c35af6bebeb800083f5c637cb03fac3e37

  • SHA256

    1f64f01063b26bf05d4b076d54816e54dacd08b7fd6e5bc9cc5d11a548ff2215

  • SHA512

    34b02ff3bb42b81890747bb0fa9f8689f7e3577aa68e25f4a1aa9ca336e975a0e9d400e89e4d9b1bd11866df80b9baf9a1d7c9df7b7f4cce4cb2c45e47abc7a2

  • SSDEEP

    6144:OO5HlaocpcAznJ/lpJB8K+lh4EZCRq5BW3zFOqVtUB:OaH0RpcAZRBhXqJBEHUB

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:5100

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/5100-0-0x00000000768A0000-0x0000000076CDB000-memory.dmp

    Filesize

    4.2MB

  • memory/5100-1-0x00007FFE65D40000-0x00007FFE65F49000-memory.dmp

    Filesize

    2.0MB