Resubmissions
10-11-2024 01:42  241110-b41vrswgrj  8
10-11-2024 01:38  241110-b2c1xswkft  8
10-11-2024 01:32  241110-bx637swjhx  8

Analysis
max time kernel: 12s
max time network: 18s
platform: windows7_x64
resource: win7-20241010-en
resource tags: arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
submitted: 10-11-2024 01:32

Static task: static1

Behavioral task: behavioral1
Sample: fnaf plus restored.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: fnaf plus restored.exe
Resource: win10v2004-20241007-en

General
Target: fnaf plus restored.exe
Size: 937KB
MD5: 10fccccf042d47d4bf56bb1bc5e04273
SHA1: 42268e93106a8b9831f1750dbda236137d37542c
SHA256: 60ccfd2af3e5f68d1b1fa36140e97a65411f0ce26da19768933cd5128fe342fb
SHA512: ef5f4cca065311aae4b3d35c74de5d2daeebb36396e0a15fa5a544460ccb8ef82dd2efa7efae1afa0bb76468e9986c2e3dfa37cfbca1c01ca212c9379b3b36a9
SSDEEP: 12288:qUDU9hdC/8PqDaPcUewtn10Gkt+Tu8mTLUyitik5ZEXhttD:qIU9hB5Bkt+TmYti8ZErtD

Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Processes: fnaf plus restored.exe
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
process: fnaf plus restored.exe