Analysis
-
max time kernel
110s -
max time network
98s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
07/11/2024, 10:15
Behavioral task
behavioral1
Sample
f9512a723c89922d0469eb37bb85cb3b6bfa31fc04c9525666200a5825796b75N.exe
Resource
win7-20240903-en
General
-
Target
f9512a723c89922d0469eb37bb85cb3b6bfa31fc04c9525666200a5825796b75N.exe
-
Size
83KB
-
MD5
fdecef608d545ffcddb59ec090638220
-
SHA1
f3f16fc9137337c0e4f472f996c79650b8d6286a
-
SHA256
f9512a723c89922d0469eb37bb85cb3b6bfa31fc04c9525666200a5825796b75
-
SHA512
1bad6e1e7922b0042f175854c38decba41ee544b974a991813b68f6f4688f8690114cc59fd9ed0e1278bc174f6c071003261ad2d084aed55552a142c3b88d23f
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+GK:LJ0TAz6Mte4A+aaZx8EnCGVuG
Malware Config
Signatures
-
resource yara_rule
behavioral2/memory/1536-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1536-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1536-4-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1536-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/files/0x0008000000023c84-12.dat upx
behavioral2/memory/1536-15-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1536-22-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language f9512a723c89922d0469eb37bb85cb3b6bfa31fc04c9525666200a5825796b75N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
b718d24f6e08f5b47ee7ceb285b97630
SHA1
699037cbc423ac2e3b353ea99e9de2ea6fde3272
SHA256
8e1c424e607b0bda821d0c076977fa993129d8e9033481bffe3ff111a3f188d6
SHA512
700fb1bd5540179efcd679dd81afedbc19755242fb692ae7beab03ab01777598b08a24cda0312c6f5c54affe91db4c9be4bf904bbc4ae3d9c1f313200bcd33c2