Analysis
max time kernel: 111s
max time network: 96s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 07/11/2024, 10:18
Behavioral task: behavioral1
Sample: 3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099N.exe
Resource: win7-20241010-en
General
Target: 3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099N.exe
Size: 83KB
MD5: a2d2f16f1b48a1e7d739e69e50b72250
SHA1: 309d4f961e860a42fbfea99110bc39a59121485d
SHA256: 3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099
SHA512: 698d255f479535601f0913968223f3fa6d948becd1208d6e5534c1d5e91507cbd4410afc9d2bea0a3983bd8dee2cde04ac4ed5a66dff05691195600c88b74267
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+sK:LJ0TAz6Mte4A+aaZx8EnCGVus
Malware Config
Signatures
resource    yara_rule
behavioral2/memory/852-0-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/852-1-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/852-5-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/files/0x0008000000023ca6-11.dat    upx
behavioral2/memory/852-12-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/852-21-0x0000000000400000-0x000000000042A000-memory.dmp    upx
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 3b4eae8fd29f593294bd268de1ffd338bd55de93a049b49fca3e7053e4942099N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 26a79baa112e068b39282aa49dde9072
SHA1: 4dffd55a59443026c17cdd80e32bfc19b666c65a
SHA256: 54231349a6021b07d3ef0bd2c759bac1cc74fbdfc5a8cbf099d3ecfebe8d13d5
SHA512: 1a704eb28f9e6177e41309f23ab577147c871c47c3f7407ae42151fd3e85d8450ed794c5f32ddf810c65feca1654b4f9098b76c48ba3328f59c3d9634f0b342b