Analysis
max time kernel: 110s
max time network: 94s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
submitted: 10/11/2024, 08:48
Behavioral task: behavioral1
Sample: d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe
Resource: win7-20240903-en
General
Target: d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe
Size: 83KB
MD5: 52a4f9a66fcd131f6e171385d9b82010
SHA1: a111311c4af91104e78b264346548d16ed34ca18
SHA256: d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95
SHA512: 4dcde024361c862a67a5b361faf922dca88709afad4dab67fc529dfe28aa4f51a7d9232841e12885b8e9a92ad030356ccdb7ab40c8f000f7618957487a7fec95
SSDEEP: 1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+fK:LJ0TAz6Mte4A+aaZx8EnCGVuf
Malware Config
Signatures
resource | yara_rule
behavioral2/memory/1236-0-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/1236-1-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/1236-5-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/files/0x0008000000023c96-11.dat | upx
behavioral2/memory/1236-14-0x0000000000400000-0x000000000042A000-memory.dmp | upx
behavioral2/memory/1236-21-0x0000000000400000-0x000000000042A000-memory.dmp | upx
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe
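The two signature tables above are the only behavioural detail this report carries, and both are easier to work with once parsed. The following Python is an added example, not part of the sandbox report and not tooling from the sandbox vendor: it splits each memory-dump artifact path into task, pid, capture sequence and address range (so the repeated 0x400000-0x42A000 range works out to one 172032-byte image mapping captured five times, with the dropped-file entry skipped), and tags the registry-key open with the ATT&CK sub-technique ID T1614.001 that the System Language Discovery signature refers to. The sample rows, the path regex and the key-matching regex are our own constructions; the extra Run-key row exists only to show a non-matching case.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample input: the artifacts tagged "upx" by the yara_rule
# signature above, one per entry (the report renders them run together).
UPX_IOCS = [
    "behavioral2/memory/1236-0-0x0000000000400000-0x000000000042A000-memory.dmp",
    "behavioral2/memory/1236-1-0x0000000000400000-0x000000000042A000-memory.dmp",
    "behavioral2/memory/1236-5-0x0000000000400000-0x000000000042A000-memory.dmp",
    "behavioral2/files/0x0008000000023c96-11.dat",
    "behavioral2/memory/1236-14-0x0000000000400000-0x000000000042A000-memory.dmp",
    "behavioral2/memory/1236-21-0x0000000000400000-0x000000000042A000-memory.dmp",
]

# Constructed sample input: (description, ioc, process) rows in the shape of the
# System Language Discovery table above, plus one unrelated row for contrast.
REGISTRY_IOCS = [
    ("Key opened", r"\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language",
     "d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe"),
    ("Key opened", r"\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
     "d55a421b4402512c208aa8ecf811f2e42e773c67412c54ae74deaae370b8ee95N.exe"),
]

# Our own pattern for <task>/memory/<pid>-<seq>-0x<start>-0x<end>-memory.dmp
MEMDUMP_RE = re.compile(
    r"^(?P<task>[^/]+)/memory/(?P<pid>\d+)-(?P<seq>\d+)-"
    r"0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

# Our own pattern for the NLS\Language key under any control set; opening it is
# the behaviour ATT&CK files under T1614.001 (System Language Discovery).
LANGUAGE_KEY_RE = re.compile(
    r"\\SYSTEM\\(?:ControlSet\d{3}|CurrentControlSet)\\Control\\NLS\\Language$",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class MemDump:
    task: str
    pid: int
    seq: int
    start: int
    end: int

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_memory_dump(path: str) -> Optional[MemDump]:
    """Parse one memory-dump artifact path; None for dropped files and anything else."""
    m = MEMDUMP_RE.match(path)
    if m is None:
        return None
    return MemDump(m["task"], int(m["pid"]), int(m["seq"]),
                   int(m["start"], 16), int(m["end"], 16))


def summarize_dumps(iocs: List[str]) -> Dict[Tuple[int, int, int], dict]:
    """Group dumps by (pid, start, end): region size in bytes plus the capture
    sequence numbers at which that same region was dumped."""
    out: Dict[Tuple[int, int, int], dict] = {}
    for path in iocs:
        d = parse_memory_dump(path)
        if d is None:
            continue  # e.g. behavioral2/files/...dat is a dropped file, not a dump
        entry = out.setdefault((d.pid, d.start, d.end), {"size": d.size, "seqs": []})
        entry["seqs"].append(d.seq)
    return out


def classify_registry_key(key: str) -> Optional[str]:
    """Return the ATT&CK sub-technique ID a registry key open maps to, or None."""
    return "T1614.001" if LANGUAGE_KEY_RE.search(key) else None


def tag_registry_iocs(rows):
    """Keep only rows that map to a technique, as (process, description, key, technique)."""
    tagged = []
    for description, key, process in rows:
        technique = classify_registry_key(key)
        if technique:
            tagged.append((process, description, key, technique))
    return tagged


if __name__ == "__main__":
    for (pid, start, end), info in summarize_dumps(UPX_IOCS).items():
        print(f"pid {pid}: {start:#x}-{end:#x} ({info['size']} bytes) dumped at seqs {info['seqs']}")
    for process, description, key, technique in tag_registry_iocs(REGISTRY_IOCS):
        print(f"{technique}: {process} {description.lower()} {key}")
```

Matching any ControlSet00N as well as CurrentControlSet matters in practice: the sandbox logs the resolved ControlSet001 path, while a rule written against CurrentControlSet alone would miss it.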
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 83KB
MD5: 43e76fc1b821d705e41a8d63e45cbf66
SHA1: 041f11ce931a9139060af16078bb1043cd45b727
SHA256: e055166b3e8159c7f9a05e2acbfe318b56c2b62c7c043c6d69222840125dacac
SHA512: aef26cd6c035543288054460422e1549de9cac5a816eecce676890aff91646e20fae3d6140f8b7f5b84e2e095d2c4d8584b59b13cdca7317abec00754bfb251b