Analysis
-
max time kernel
120s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system -
submitted
10/11/2024, 08:31
Behavioral task
behavioral1
Sample
232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847dN.exe
Resource
win7-20241010-en
General
-
Target
232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847dN.exe
-
Size
83KB
-
MD5
ff7e88bc982df4957ef3a83601a3dcd0
-
SHA1
fd1a8a074108989df6466d010b2bbd6c2f921244
-
SHA256
232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847d
-
SHA512
3eaeb6fb6459730ee35fc8664c1a31d0e9b6dc9cd22e46317b91fa5899365f295852241fba3725a6fe41d4b9f41eb51246fe11cd52e0e2a92819bfff73c68f8c
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+PK:LJ0TAz6Mte4A+aaZx8EnCGVuP
Malware Config
Signatures
-
resource | yara_rule
behavioral2/memory/5084-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/5084-2-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/5084-5-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/5084-9-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/files/0x000a000000023bb1-13.dat | upx
behavioral2/memory/5084-16-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/5084-23-0x0000000000400000-0x000000000042A000-memory.dmp | upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | 232a350890a4059890db20d83a4564703cff5d9f5f16bf4fc35e821caae2847dN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
b0728d6cf56e71ce9ce9ca46958bca05
SHA1
d966f0f6416b795da3e5d07761df673bc4864fc0
SHA256
2cfd46d0cb109c4da56c41f83d6ef83e1bf414d4a61c96164817d1ed19bf7390
SHA512
53c7180f0249f16a88f835e5ebf1020d45c80a26fd6688577818eae419cca95cfc1d4c710b907872154f9d67883f8e2c5710f5cd2def370bd9822f9af5cee6a6