Analysis
-
max time kernel
111s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
09/11/2024, 11:32
Behavioral task
behavioral1
Sample
8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780N.exe
Resource
win7-20240903-en
General
-
Target
8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780N.exe
-
Size
83KB
-
MD5
5a514ac397b76830a39d7ab0c2f4a2e0
-
SHA1
02e0164e1acb279238c4ebdec7ca2a4d6021eaed
-
SHA256
8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780
-
SHA512
09ea8a662eb69c5b74ca0810847a7acd8f803b1d85c8982d24cc8361fec2d199ecb0b4e0c89b0273a625a2b99146fe4767d036e9e75448bb25f72883e6742985
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+5K:LJ0TAz6Mte4A+aaZx8EnCGVu5
Malware Config
Signatures
-
resource  yara_rule
behavioral2/memory/1404-0-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/1404-2-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/1404-6-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/1404-12-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/files/0x0008000000023cb7-13.dat  upx
behavioral2/memory/1404-16-0x0000000000400000-0x000000000042A000-memory.dmp  upx
behavioral2/memory/1404-20-0x0000000000400000-0x000000000042A000-memory.dmp  upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 8cb588a9d977b2d93d3dcb59367a10461ce6ac4575583a2613d443e3527bd780N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
354b49aece24f04e626eff925893fb1d
SHA1
3e0220886a5fe455aea5629195bdde679d48e762
SHA256
765adc8982be721fb1ada4394f65ebf54852af91a10793902beaa7d1e92191e5
SHA512
4082a3df4b8c85ae22fe6cde5fb4f2ac4607bf18f108080a68e50d8cb79e63010edce83226f94c207b9f9ef93e37e948cff8771526db617c58e283cb7e192e5a