Analysis
- max time kernel: 96s
- max time network: 144s
- platform: windows10-2004_x64
- resource: win10v2004-20241007-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 09/11/2024, 19:05
Static task: static1
Behavioral task: behavioral1
- Sample: d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89.exe
- Resource: win7-20241023-en
Behavioral task: behavioral2
- Sample: d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89.exe
- Resource: win10v2004-20241007-en
General
- Target: d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89.exe
- Size: 7.9MB
- MD5: b10e28d1033d63a014cade22fe06027b
- SHA1: df7187144e7e6ab0469f08a0c1a151777fb3c974
- SHA256: d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89
- SHA512: 3723e236aac662665c4d6204ddcb06f16742ce4787802469d9eda70a44b512eb8e72e8f8d5e49f66b14810d6f7f655334f9edb6672d94ed8354fb86df56adaf4
- SSDEEP: 98304:w4NxK/6sZTj2Ry2fPAWyjNTEY9xFUkcVwNSHfbv/kOIhThw6Q1f+hl/hjY4+iafv:w4m2INTx9Pe20/zkOiu1f+79YR
Malware Config
Signatures
- Downloads MZ/PE file
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  - description: Key opened
    ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
    Process: d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89.exe
- Suspicious use of SetWindowsHookEx (1 IoCs)
  - pid: 4484
    Process: d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\d4d25de28857d2067ce2aa252d6821becfaadc3ac7a2bc980816118a12950e89.exe"
  - System Location Discovery: System Language Discovery
  - Suspicious use of SetWindowsHookEx
  PID: 4484
Network
MITRE ATT&CK Enterprise v15
Downloads