Analysis

  • max time kernel
    81s
  • max time network
    83s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10-11-2024 20:47

General

  • Target

    tool.exe

  • Size

    429KB

  • MD5

    6341355e2d476e6fd609e42f3df3e413

  • SHA1

    acc007def8b1b8cc2aac8b2d5ff9e8eb8da0e232

  • SHA256

    7741a1263b46dbaa5d076d3bde615f3bc0574a9eafbe47065a42fd1f959f5778

  • SHA512

    7735b61d6308df68965f026ad99e80e0f7b0991c1dc561ebe650cd23eb3c892d23ba9e7cd216c2d33661135d97452e53be7013e85a6df8cde52c8634271edbe7

  • SSDEEP

    6144:H+d2+U+8RRJorR7zu6tF9x46YGg83lgnbJHZFXUU01yC5wJ/3AO2HyXGcKcOiuf:H+d3UGddn4F83l0JjXUU0kXAHTctuf

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tool.exe
    "C:\Users\Admin\AppData\Local\Temp\tool.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1928

Network

MITRE ATT&CK Enterprise v15
