Analysis
-
max time kernel
111s -
max time network
96s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
10/11/2024, 08:36
Behavioral task
behavioral1
Sample
8e8f8c6e86a99a82c7e345a02eb48966fe8398c6f4dfcfc6a643a74d5500c4b6N.exe
Resource
win7-20241010-en
General
-
Target
8e8f8c6e86a99a82c7e345a02eb48966fe8398c6f4dfcfc6a643a74d5500c4b6N.exe
-
Size
83KB
-
MD5
115d17dc717f909c6ec7d6c913421e40
-
SHA1
c61d2f61ea3e8625274b34372cb8489d1bb78087
-
SHA256
8e8f8c6e86a99a82c7e345a02eb48966fe8398c6f4dfcfc6a643a74d5500c4b6
-
SHA512
77e5820b0c718cafada02df1ce09f708a4c3311adc477533981601f731319a5d5d29c779af2888c2ef85517ddfb0d81e549816ee391446d13587f7fda27600ec
-
SSDEEP
1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+UK:LJ0TAz6Mte4A+aaZx8EnCGVuU
Malware Config
Signatures
-
resource yara_rule
behavioral2/memory/1712-0-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1712-1-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1712-4-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1712-8-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/files/0x0008000000023ccf-12.dat upx
behavioral2/memory/1712-15-0x0000000000400000-0x000000000042A000-memory.dmp upx
behavioral2/memory/1712-22-0x0000000000400000-0x000000000042A000-memory.dmp upx
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 8e8f8c6e86a99a82c7e345a02eb48966fe8398c6f4dfcfc6a643a74d5500c4b6N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
83KB
MD5 4e1b283be33a3c7c1c80e17209325d41
SHA1 e4d1f451756004ff37d5fda146db1bc54fcc02fd
SHA256 e4d88698deeae0056f0e1b8995699e140c4272083ae21f77553f82562f902e89
SHA512 144c0c7c88869710dd7a37d93af12e6678326e20bf4caf874e6d3c02dc07ec137a9a3556f7abb9fa54ac39f144dabee53242e2286fb46dd3062243c9f404cbda