Analysis
max time kernel: 111s
max time network: 95s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 09/11/2024, 11:27

Behavioral task: behavioral1
Sample: 00556028715d0e3f067cb1152906bbb039efbcbe9ec5a64f981ff7778e30f7b8N.exe
Resource: win7-20240903-en

General
Target: 00556028715d0e3f067cb1152906bbb039efbcbe9ec5a64f981ff7778e30f7b8N.exe
Size: 83KB
MD5: 5ef0722249a9bd1486512c41ab6896f0
SHA1: 7bf6bb83b9cf43140ecd29daf508f25521b49790
SHA256: 00556028715d0e3f067cb1152906bbb039efbcbe9ec5a64f981ff7778e30f7b8
SHA512: 42586c59ba36497ffb97e1915198cf0786a4a34904a88d29c1dacfa3a10de6b575e259f7f420c3a02cebbe0c6830014711bf47dd85ac461948f9af7d8a03ad30
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+SK:LJ0TAz6Mte4A+aaZx8EnCGVuS

Signatures

resource  yara_rule
behavioral2/memory/4560-0-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/4560-1-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/4560-4-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/4560-8-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/files/0x0008000000023cca-11.dat  upx
behavioral2/memory/4560-13-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/4560-21-0x0000000000400000-0x000000000042A000-memory.dmp  upx

System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 00556028715d0e3f067cb1152906bbb039efbcbe9ec5a64f981ff7778e30f7b8N.exe

Downloads
Filesize: 83KB
MD5: 391d0df77d59be9c94d56d25f776b423
SHA1: 58c47260a5ca48c8ec5dc88c51c247525a2ac465
SHA256: 8dd26c48c9c433ef7539dc646e500a3b7ff0f73b98f5c662991a3181593e6d2e
SHA512: 06f7663e6ed642d22e94ec089fdcb78ba921e46383d359e9cfc8ee3e4349f696f3f2ec1c6592fa5a8f9683c7efe47ea9aef7e4d4030dfac63a20aa258047233d