Analysis
max time kernel: 111s
max time network: 96s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted: 09/11/2024, 18:30
Behavioral task: behavioral1
Sample: 2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136aeN.exe
Resource: win7-20241010-en
General
Target: 2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136aeN.exe
Size: 83KB
MD5: 0e529a6e6a30231f605cbea134f13110
SHA1: edd6d9cacbb7afcc0ceaf94e297644b2569d886c
SHA256: 2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136ae
SHA512: 99e4be162ea543d6357dfb3add9b62119e186bc6a551fa8abfe47fad2d76121a75a353fbb7feedba35f94c3713af42ba87345be7d34a670d5c22ca9d5dcb1f46
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+pK:LJ0TAz6Mte4A+aaZx8EnCGVup
Malware Config
Signatures
resource    yara_rule
behavioral2/memory/4632-0-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/4632-1-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/4632-4-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/4632-8-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/4632-11-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/files/0x0009000000023bec-12.dat    upx
behavioral2/memory/4632-15-0x0000000000400000-0x000000000042A000-memory.dmp    upx
behavioral2/memory/4632-19-0x0000000000400000-0x000000000042A000-memory.dmp    upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description    ioc    Process
Key opened    \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language    2135f647497c019b74f636199fdf2b5bd16faf0541df8137915c63f559a136aeN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 661231c388f3f49f94597287e6eedb48
SHA1: 17c5fc29b9cc4e312819c43969d804e5796db363
SHA256: 881e33b592443599193fc27e03c359aa2713c747df81ffe614357034d8aaa559
SHA512: 991c6f2db550667fded4eee92dca109de0374ff93668156deda7f32122b1c9503d44103bf4868b89addc625da5f402285606235aac821e6536aa961702a37eed