Analysis
-
max time kernel
120s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
07/11/2024, 15:05
Behavioral task
behavioral1
Sample
1ca25b111b7d12f9c86294c80f55cf063ec3cd59a0a1f9c4b67d736bdf92c58aN.exe
Resource
win7-20240903-en
General
-
Target
1ca25b111b7d12f9c86294c80f55cf063ec3cd59a0a1f9c4b67d736bdf92c58aN.exe
-
Size
83KB
-
MD5
358c8a138c45718312a3eab11c1196b0
-
SHA1
ada5f361d7a6373f21961683e05679f2bce24f11
-
SHA256
1ca25b111b7d12f9c86294c80f55cf063ec3cd59a0a1f9c4b67d736bdf92c58a
-
SHA512
0de42768001e2627b60d7f3ecb0496db99db9c07216991cea5aca12e25d9cd2779a10a437824320bba0595c5d927c284f2c542fbbe3b13e56f361918cadd70a2
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+/K:LJ0TAz6Mte4A+aaZx8EnCGVu/
Malware Config
Signatures
-
resource | yara_rule
behavioral2/memory/3020-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/3020-1-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/3020-4-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/3020-8-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/files/0x0008000000023ca7-12.dat | upx
behavioral2/memory/3020-15-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/3020-22-0x0000000000400000-0x000000000042A000-memory.dmp | upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 1ca25b111b7d12f9c86294c80f55cf063ec3cd59a0a1f9c4b67d736bdf92c58aN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
68dee9fc0ef82d8c539939f11e4a3790
SHA1
a6dcc3aee16251c5afaf18a9e75695a3861c51fa
SHA256
1efa195907a2fdc68b363de7a944d02e911fa59cbd89af4d36091d79846b538f
SHA512
c21aeafccea6a9a3c9cff9765f9b2d942031bc60ad0c041e07120e1c7e85b9c8ac32190d6c6359758196dfd2c13ef2062d45d84c765d820f324c6188dca5a007