Analysis
max time kernel: 110s
max time network: 96s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted: 10/11/2024, 06:53
Behavioral task: behavioral1
Sample: 3e506e1dd6b9df016d5672b01879a9e0d20373ef24e66fdf9e5b36c6e534dad0N.exe
Resource: win7-20240903-en
General
Target: 3e506e1dd6b9df016d5672b01879a9e0d20373ef24e66fdf9e5b36c6e534dad0N.exe
Size: 83KB
MD5: 3d2f5d7ea4f98c01be654ce5c6c2d680
SHA1: 77ea29b149e00ec0f818aedc3b9f12b7f9f00ee8
SHA256: 3e506e1dd6b9df016d5672b01879a9e0d20373ef24e66fdf9e5b36c6e534dad0
SHA512: ce4a900130658466525eb6913d6f1d2c6346a98935db18c61a4bd409b274f2e7deb192afffbed0c9ac46873ed4edd1d44e630d289dbbdbdcb070ae7fc9d85bb7
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+fK:LJ0TAz6Mte4A+aaZx8EnCGVuf
Malware Config
Signatures
resource yara_rule
behavioral2/memory/2620-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2620-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2620-4-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2620-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/files/0x0008000000023ca8-11.dat upx
behavioral2/memory/2620-13-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/2620-21-0x0000000000400000-0x000000000042A000-memory.dmp upx
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 3e506e1dd6b9df016d5672b01879a9e0d20373ef24e66fdf9e5b36c6e534dad0N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: b25686d6bdee6734c99577cb5464c162
SHA1: fce83ff817890fcd0634d5df1fe804fde6d4831f
SHA256: aae6b546ad747bc82d11faf0e9d6d21869dcf5b50678d8808354f87485a4ea25
SHA512: 80863369215ca6054b0f0ae630817ab6422b184d7e42b0a90ed68fce9d5b1aaa5a2f9b8a3e797242681e97382e67aadb2793047b0c06eaf29a1b6e63e9ea69c1