Analysis
-
max time kernel
110s -
max time network
97s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system -
submitted
10/11/2024, 06:54
Behavioral task
behavioral1
Sample
b59a4a0157f290891718333e8f79521c8ba5eb8ad89164a347e4f7d273b12c1bN.exe
Resource
win7-20240903-en
General
-
Target
b59a4a0157f290891718333e8f79521c8ba5eb8ad89164a347e4f7d273b12c1bN.exe
-
Size
83KB
-
MD5
3fa1f215e18f461995b3c5c8a6eddbb0
-
SHA1
d90f8fe980a7c644f17331ba330e83815e9fd412
-
SHA256
b59a4a0157f290891718333e8f79521c8ba5eb8ad89164a347e4f7d273b12c1b
-
SHA512
5232b5b0275bd252d0b72576647389c65b649cab94842980b086fc57f04f7b2d537f1946ebb4d9565191b7aafd6fccf1d3d4b73f79c01467574d472ef0f94843
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+GK:LJ0TAz6Mte4A+aaZx8EnCGVuG
Malware Config
Signatures
-
resource yara_rule
behavioral2/memory/1804-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1804-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1804-4-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1804-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/files/0x000b000000023b8d-12.dat upx
behavioral2/memory/1804-15-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1804-22-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language b59a4a0157f290891718333e8f79521c8ba5eb8ad89164a347e4f7d273b12c1bN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
-
MD5
a7d3cbae33528a47b8f9c2e6c5c415a0
-
SHA1
c9e6f1a1dcd2e8e9027d37958529b1af74d22178
-
SHA256
f535f11a13a920ada6950f31ed4428df0b4b3949e1dfe80427d5aa818e2343ea
-
SHA512
91f909b238147f223827bce88d785a1aedbdacac7287eb9723e4e74e539f4e73ccd8b33f7b479f9ab30690d3013782fdc0f68ad90c06d0af143a1e0a01f11667