Analysis
-
max time kernel
111s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
10/11/2024, 08:34
Behavioral task
behavioral1
Sample
1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767N.exe
Resource
win7-20240903-en
General
-
Target
1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767N.exe
-
Size
83KB
-
MD5
0763061c9fdd90a535ed0f36b80c91c0
-
SHA1
111f17947a19b8a98ab8f62631791bebf77c073e
-
SHA256
1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767
-
SHA512
f7d30f2b873edf04adfbefa67060d000ce4ffc829f8ce2339d739e8206fb4be3b9a71fbee0ee29043903dec44e64fb1f586360810c0ef454333f01ccb4bcf817
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+/K:LJ0TAz6Mte4A+aaZx8EnCGVu/
Malware Config
Signatures
-
resource yara_rule
behavioral2/memory/1096-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1096-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1096-4-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1096-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/files/0x000b000000023b8c-11.dat upx
behavioral2/memory/1096-12-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1096-19-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
1f107e0d26e48ee0f32fcd082dc4fb5cfef634a7535d509998946a4ca7181767N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5
b9834c7b3b1f761c5c26599a436b8ad4
SHA1
c9307d0f79165d10ee83d7dc2bb723dd626ba6c8
SHA256
7e369821cb2141f0fe4f4f16a45839d723778b4919b5169d6b8992abb93a1918
SHA512
060fee7b28deb29829911e200dadc51b0e3634e0ff8a21fa93c9715a9997ae237455f0158e56014714605b51e87a232fc8d329cbb72048ab2717cb0987cab320