Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03-11-2024 16:59

General

  • Target

    w9ks9.exe

  • Size

    268KB

  • MD5

    dae810ed8cf180a99a0c0572b4f8f9b5

  • SHA1

    1923b46caac111b8fa04345cbfe9861e5fca7c32

  • SHA256

    f781f7a6d12d8e7581fa4ccd6365f3026af61df4b4a1b2d27d56e8b6bf118aea

  • SHA512

    5792e317bba8c5d4ca305fd427b03dd972e1e8057190695df6aac41b705ab7e3686fedb3da54fd806e1ebb04cc7a3eac1525a5f7a0c8e20279915a830505b7e8

  • SSDEEP

    6144:SKDFWqyd3oxcdzOjcufgM7e3lSQtZ0PoOKEtq70uHRinFBqLTabu0W:lDwu+OjcufWlvQoOKEtY/xUBqLSxW

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\w9ks9.exe
    "C:\Users\Admin\AppData\Local\Temp\w9ks9.exe"
    • System Location Discovery: System Language Discovery
    PID:4020

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/4020-1-0x0000000002230000-0x000000000227A000-memory.dmp

    Filesize

    296KB

  • memory/4020-0-0x00000000021E0000-0x0000000002222000-memory.dmp

    Filesize

    264KB

  • memory/4020-2-0x0000000000400000-0x0000000000442000-memory.dmp

    Filesize

    264KB

  • memory/4020-3-0x0000000000400000-0x0000000000442000-memory.dmp

    Filesize

    264KB

  • memory/4020-5-0x0000000002230000-0x000000000227A000-memory.dmp

    Filesize

    296KB