Analysis
-
max time kernel
111s -
max time network
96s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
07/11/2024, 15:51
Behavioral task
behavioral1
Sample
bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bffN.exe
Resource
win7-20241010-en
General
-
Target
bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bffN.exe
-
Size
83KB
-
MD5
a4f866f6c309b5c60e48d32578aacc70
-
SHA1
ef3ec3b9e13970764217f85ce0ce511d2488ba47
-
SHA256
bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bff
-
SHA512
999f413fa5427133a0c03226d63c89684a1ffd0bc2bd99239f4d4a17321a1ca822363388ed405dbd7361bf2cba3fe74ea7c5067953063221414a57dc849c56e6
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+NK:LJ0TAz6Mte4A+aaZx8EnCGVuN
Malware Config
Signatures
-
resource yara_rule
behavioral2/memory/2556-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2556-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2556-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/files/0x000a000000023bc4-12.dat upx
behavioral2/memory/2556-15-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2556-19-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: bad772011e6ee0a995c1818c419215f8a6255b9ce2dd499b5b4a939579ad1bffN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
ed90976f758b79b9d187e0e9f1ba04d0
SHA1
05ec6d68db54ca01426906ca1a4cc83297699167
SHA256
7b03f64870a49b5311ea1b9c3c1a699c49c6a7f25a47abec9edbaa907351edae
SHA512
4a7b7ecee489f59ef8980f7c4a49c99a3b8cc5c00a8d69eb9b0c63b4693ae8a0e1837598cdc66141b404a711702a269aae058d066ad395167b53cac26ee1fcd1