Overview

overview

10

Static

static

3

a.exe

windows7-x64

3

a.exe

windows10-2004-x64

3

bypass_sandbox.exe

windows7-x64

1

bypass_sandbox.exe

windows10-2004-x64

1

名单助手PDF.exe

windows7-x64

10

名单助手PDF.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-10-2024 08:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a.exe

  • Size

    5.9MB

  • MD5

    f074f20159b60e75acb793178416998a

  • SHA1

    7d492801fff37f2f7449a88fb638584c6601841e

  • SHA256

    bb6b5136b6ab6b7a93d87f9c130bc3ffd61a5e29d23a2758964bdcfec7e81862

  • SHA512

    f94afd086753cd67ab93a3f9e4e2fff0fc45e232e6ae993ba141edf94c61a5bb355a8917010fed6a2b84f7722ee66be410a885b9634896cce9c2070b2c3d6fd8

  • SSDEEP

    98304:2Espe45RHLneGJ3uqUYcPSuo8GEa48C0lZgGGFRk3WGKWLwsBBtEoECE:Wnnh3uqV/u5h8RZgGg/WtB

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\a.exe
    "C:\Users\Admin\AppData\Local\Temp\a.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2272

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads