1613d0c101f86407286c1bd4d47ec4b6d24dc959909d50dd7b8b27899a561a91

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
15-10-2024 07:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Launcher.exe
Size

105KB
MD5

eb689fb1a8fd87e93209cf3038404d68
SHA1

d00a4189642b4ae4d97f797c8fdf7dd35875a8b7
SHA256

b8e99c41b345cbb1c61d851a91fcefb209fb83c9a88354ec26545a4f17e6d3f2
SHA512

fa1e0c29d82d4804f1f79de5c464cf8091dac0f1e6563d75eef6537f82c76884746dc4a5419a9a3f51bc1d5283d1867485b5e4e9d52fe0d621f74994937f8a7c
SSDEEP

3072:fh/zMsOUgDH6h0UTmcZsl+dzFManuShzyLgKPe:fVMsy+h4cZsluzXnLtqP

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Launcher.exe

C:\Users\Admin\AppData\Local\Temp\Launcher.exe
"C:\Users\Admin\AppData\Local\Temp\Launcher.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2288

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2288-0-0x0000000074B11000-0x0000000074B12000-memory.dmp

Filesize
4KB

Download
memory/2288-1-0x0000000074B10000-0x00000000750BB000-memory.dmp

Filesize
5.7MB

Download
memory/2288-2-0x0000000074B10000-0x00000000750BB000-memory.dmp

Filesize
5.7MB

Download