Analysis
-
max time kernel
111s -
max time network
96s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
07/11/2024, 10:53
Behavioral task
behavioral1
Sample
45ddb35bef0642c75edfa9aea20a4fc9cd61d8cb0f74445c34a8f7f3b8cc9ef1N.exe
Resource
win7-20240903-en
General
-
Target
45ddb35bef0642c75edfa9aea20a4fc9cd61d8cb0f74445c34a8f7f3b8cc9ef1N.exe
-
Size
83KB
-
MD5
b4dfe06ab82a82ee98baa47a6229b710
-
SHA1
6e57ad65728c222f7c99f41b0d669b035eff1f32
-
SHA256
45ddb35bef0642c75edfa9aea20a4fc9cd61d8cb0f74445c34a8f7f3b8cc9ef1
-
SHA512
5ee4711f36ed7f0d282bf0ca770b1d5941c47d5001f689c839d9983f9f80d860bb25dc834baddbc85a82e323849a2c5f1616531a78b6d0e330fcf2c81b350d5d
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+KK:LJ0TAz6Mte4A+aaZx8EnCGVuK
Malware Config
Signatures
-
resource    yara_rule
behavioral2/memory/1420-0-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/1420-1-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/1420-4-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/1420-8-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/files/0x000b000000023b99-12.dat    upx
behavioral2/memory/1420-15-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/1420-22-0x0000000000400000-0x000000000042A000-memory.dmp    upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 45ddb35bef0642c75edfa9aea20a4fc9cd61d8cb0f74445c34a8f7f3b8cc9ef1N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
b6b952de4f16707308f0af9bd079faf4
SHA1
f7b47cd27db8aa69e0c9ffd3d07de8340fa00c64
SHA256
07d1b4690fcfa195c43891b90bc3d17bf93abf276c425ff3d7f33005f3db5393
SHA512
847151ef70db5b3761442db3fe784482b485553403d9de24e0f94b3a8b8321bde1e0613746c157619600ad78dec9b965e91ab99813f0763628ec68ec6e0cb3cb