Overview
overview 10
Static
static 1
kmSdem1.exe windows7-x64 7
kmSdem1.exe windows10-2004-x64 3
readme[1].exe windows7-x64 10
readme[1].exe windows10-2004-x64 10
voyjy.exe windows7-x64 1
voyjy.exe windows10-2004-x64 3
w9ks9.exe windows7-x64 7
w9ks9.exe windows10-2004-x64 3
wpbt0.exe windows7-x64
wpbt0.exe windows10-2004-x64 10
Analysis
- max time kernel: 148s
- max time network: 151s
- platform: windows10-2004_x64
- resource: win10v2004-20241007-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 03-11-2024 16:59
- Static task: static1
- Behavioral task: behavioral1, Sample: kmSdem1.exe, Resource: win7-20240903-en
- Behavioral task: behavioral2, Sample: kmSdem1.exe, Resource: win10v2004-20241007-en
- Behavioral task: behavioral3, Sample: readme[1].exe, Resource: win7-20241010-en
- Behavioral task: behavioral4, Sample: readme[1].exe, Resource: win10v2004-20241007-en
- Behavioral task: behavioral5, Sample: voyjy.exe, Resource: win7-20240903-en
- Behavioral task: behavioral6, Sample: voyjy.exe, Resource: win10v2004-20241007-en
- Behavioral task: behavioral7, Sample: w9ks9.exe, Resource: win7-20240903-en
- Behavioral task: behavioral8, Sample: w9ks9.exe, Resource: win10v2004-20241007-en
- Behavioral task: behavioral9, Sample: wpbt0.exe, Resource: win7-20240903-en
General
- Target: w9ks9.exe
- Size: 268KB
- MD5: dae810ed8cf180a99a0c0572b4f8f9b5
- SHA1: 1923b46caac111b8fa04345cbfe9861e5fca7c32
- SHA256: f781f7a6d12d8e7581fa4ccd6365f3026af61df4b4a1b2d27d56e8b6bf118aea
- SHA512: 5792e317bba8c5d4ca305fd427b03dd972e1e8057190695df6aac41b705ab7e3686fedb3da54fd806e1ebb04cc7a3eac1525a5f7a0c8e20279915a830505b7e8
- SSDEEP: 6144:SKDFWqyd3oxcdzOjcufgM7e3lSQtZ0PoOKEtq70uHRinFBqLTabu0W:lDwu+OjcufWlvQoOKEtY/xUBqLSxW
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened; ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language; Process: w9ks9.exe