d6e16fe20028e5d4fe6d3157db2a8eba1751ab6d8fd19aea449635d62fb5aae8

Analysis

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
19/11/2024, 10:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d6e16fe20028e5d4fe6d3157db2a8eba1751ab6d8fd19aea449635d62fb5aae8.exe
Size

676KB
MD5

2b8a041b64d8ef5f23ccdd5ec41f8fa4
SHA1

081c77855e1c120794e1ce1dd0321e310e606d99
SHA256

d6e16fe20028e5d4fe6d3157db2a8eba1751ab6d8fd19aea449635d62fb5aae8
SHA512

12788a3a05127f2fec6e372a0214fe012aa4b9376af6861662efa6f22e8fb1eb1e1dc6abed6f3b125ca19174b99bb3d20dc4ca0e6b1e1e290eff86cd048e20b1
SSDEEP

12288:8jNkR1ybZHWf+zSGn25nVYvwX5Q9crRHwju5N0cqjFJpP/9vrGmIu:8jNY4bFWfkz25nf5Q9qwLx/9vrGnu

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	d6e16fe20028e5d4fe6d3157db2a8eba1751ab6d8fd19aea449635d62fb5aae8.exe

C:\Users\Admin\AppData\Local\Temp\d6e16fe20028e5d4fe6d3157db2a8eba1751ab6d8fd19aea449635d62fb5aae8.exe
"C:\Users\Admin\AppData\Local\Temp\d6e16fe20028e5d4fe6d3157db2a8eba1751ab6d8fd19aea449635d62fb5aae8.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2244

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
9KB

MD5
85c977c4099eda2f715ae73b557b9447

SHA1
5ce49d4fb7f4b4e26165eff06d84016f06c1bbc6

SHA256
81c0bafedd1681c1baa07b78dc1783f1bde57d9c1690f425a6c4dcc18376abf2

SHA512
6f3c4e4feddc4648b5cb3973053aa7c8f6b160639ffb873338dd616b9136ca6d9688a5df6ecc1041e5a0f02dbba605c80762a95515de1acc28b0bc7013491072

Download Submit