Analysis
max time kernel
111s
max time network
94s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted
10/11/2024, 06:52
Behavioral task
behavioral1
Sample
0ca99977f486fe87126869cff84b28b3bc2437af0df70942a4c3cb8d5fff821dN.exe
Resource
win7-20240729-en
General
Target
0ca99977f486fe87126869cff84b28b3bc2437af0df70942a4c3cb8d5fff821dN.exe
Size
83KB
MD5
68983f4ac2af46847d46421009cb1c10
SHA1
848fcecc50317100b5294bf675e3c4cf84be480a
SHA256
0ca99977f486fe87126869cff84b28b3bc2437af0df70942a4c3cb8d5fff821d
SHA512
881006c1c58478cd3681ab4f0c9de60058c37e5fd865580bda4753636bddf441fca436475d122d83388fea94be1ac700183b054e7f8fde86559b978aa21a400e
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+VK:LJ0TAz6Mte4A+aaZx8EnCGVuV
Malware Config
Signatures
resource | yara_rule
behavioral2/memory/4972-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/4972-1-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/4972-4-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/4972-8-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/files/0x0009000000023bc7-12.dat | upx
behavioral2/memory/4972-15-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/4972-22-0x0000000000400000-0x000000000042A000-memory.dmp | upx
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 0ca99977f486fe87126869cff84b28b3bc2437af0df70942a4c3cb8d5fff821dN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize
83KB
MD5
987375c68f55165243eff11bac588eea
SHA1
bd1fd33c8faf25cfdcab73cdaaed330cd7fc21f7
SHA256
6298dbe40f3c37fdffd5350fdc058777ed96aaa5b50c146bdbac75a2a0bcbe81
SHA512
8e6313f780b473ea2e00cc8b1e8ce6eef8b524c34e166c31ad944ee58e14ed261630d095e7f62fbb14f8d1bf2d8b6fe162eaea09589858500e30979f466c6452