Analysis
max time kernel: 149s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted: 09/10/2024, 19:05
Static task
static1
Behavioral task
behavioral1
Sample
8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0.exe
Resource
win10v2004-20241007-en
General
Target: 8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0.exe
Size: 11.3MB
MD5: 0a0635b977655189f0166bb67f321c65
SHA1: 8cb873ea76e5ab17d1f4b726180e994886e3179c
SHA256: 8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0
SHA512: e3e1ec9c1d3d28ca8fbd5e8d21fda34fa2af494c60941bdfdae31f53f35caf18c5fe2686e251af96a5dd92047f83fdddcdaec4cb6acf0db72e635e56a73a787a
SSDEEP: 196608:RXFGPpySVf+6b9oDdh0qTRxa8z1sULDSe9a+5crvT9YqS4lU4I4:RXVuf+6poDjBTRxa8psYSUa+arvSP0z
Malware Config
Signatures
- Downloads MZ/PE file
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0.exe
- Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 3752
Process: 8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0.exe
Processes
C:\Users\Admin\AppData\Local\Temp\8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0.exe
"C:\Users\Admin\AppData\Local\Temp\8fdecb291591c389f44647ddb7184ff868f9d528c3e293fecafbc2cc8c710dd0.exe"
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:3752
Network
MITRE ATT&CK Enterprise v15
Downloads