21e467ca69dcead11ba3bb6696bd74709658c4a56bd749d89652e88466cc21d3

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
19/11/2024, 10:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

21e467ca69dcead11ba3bb6696bd74709658c4a56bd749d89652e88466cc21d3N.exe
Size

7KB
MD5

ee72c0a3b7ba0dce0b73620f6b360920
SHA1

4fd33a3576bb90c5c6652fdb688a6c29e9fd279c
SHA256

21e467ca69dcead11ba3bb6696bd74709658c4a56bd749d89652e88466cc21d3
SHA512

28f4b78eef20f75ab6fc245f871b359a26b9b688483321f4e207f0a73dd95abd796c950c248da5a00a4f04e68c3a091245312029ed70980ead95f32034ca2689
SSDEEP

192:LvBJqAPhpeS1ZK8O3CDHdbzM60lkwiRKy:9UAPo2M3lkey

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	21e467ca69dcead11ba3bb6696bd74709658c4a56bd749d89652e88466cc21d3N.exe

C:\Users\Admin\AppData\Local\Temp\21e467ca69dcead11ba3bb6696bd74709658c4a56bd749d89652e88466cc21d3N.exe
"C:\Users\Admin\AppData\Local\Temp\21e467ca69dcead11ba3bb6696bd74709658c4a56bd749d89652e88466cc21d3N.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2116

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads