f1322154820dc0f04a6244ebe4074a7d3a1dfb496d0ce90d9cbe02e26bf46bcf

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05-10-2024 04:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Coopen.exe
Size

90KB
MD5

f9193966e62c1956bf3c9a716e958a0e
SHA1

87401d4a6cb2f023537398fdbf6fc721cacbd93b
SHA256

b6f9170d208cfb347ab0095b811a65a1a717ea1246ca25796923b45d2f986e41
SHA512

25d9a1b5c7702ebccbfdbcbdd81f6dc5d0aeb5bb6df4a8e8e05ba7cf5840e92b7e64d448d923775345e860ee5939bb34228de81e4b3044f750bab1b5b44ca3bd
SSDEEP

1536:4YkBsegRUdTqWXYBT6V8pNDlrLcNityC+OEnU:xHegR2XSH/ZrLcUqOd

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Coopen.exe

C:\Users\Admin\AppData\Local\Temp\Coopen.exe
"C:\Users\Admin\AppData\Local\Temp\Coopen.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:4848

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads