Resubmissions

22-11-2024 22:54

241122-2vh7gaxmfl 10

22-11-2024 03:27

241122-dzqkcatmht 10

22-11-2024 03:16

241122-dsgc4atlgs 10

Analysis

  • max time kernel
    93s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22-11-2024 22:54

General

  • Target

    c145a26dd6d200080c16300456e7c0bc95f2b71f56d94136619e239e466a04a0.exe

  • Size

    26KB

  • MD5

    01a18db18af5cd780eab9bbadd881e8c

  • SHA1

    36728334c4d1bb927310e0f1268b3890f2bd2457

  • SHA256

    c145a26dd6d200080c16300456e7c0bc95f2b71f56d94136619e239e466a04a0

  • SHA512

    ea81c1340b8ddbd9a6e796ddb5b18e55c575ac974dcf66ad40ff188f85ae630fe68fa58c2bddd0aef859b5e3ea31b01ed2ee025c49d06e7a6053bb469de0dffe

  • SSDEEP

    384:fyHccS+efqM7e5at0CdiSw+L0mNBrJKJ0wmQVrIUzf0tWqPWNnokwkwAetW:KHJkqM7eERYSw6ZTwHFIUAsqm

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\c145a26dd6d200080c16300456e7c0bc95f2b71f56d94136619e239e466a04a0.exe
    "C:\Users\Admin\AppData\Local\Temp\c145a26dd6d200080c16300456e7c0bc95f2b71f56d94136619e239e466a04a0.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:3296

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3296-0-0x000000007535E000-0x000000007535F000-memory.dmp

    Filesize

    4KB

  • memory/3296-1-0x0000000000FA0000-0x0000000000FAC000-memory.dmp

    Filesize

    48KB

  • memory/3296-2-0x0000000005940000-0x00000000059DC000-memory.dmp

    Filesize

    624KB

  • memory/3296-3-0x0000000005F90000-0x0000000006534000-memory.dmp

    Filesize

    5.6MB

  • memory/3296-4-0x0000000005A80000-0x0000000005B12000-memory.dmp

    Filesize

    584KB

  • memory/3296-5-0x0000000005A30000-0x0000000005A3A000-memory.dmp

    Filesize

    40KB

  • memory/3296-6-0x0000000005BE0000-0x0000000005C36000-memory.dmp

    Filesize

    344KB

  • memory/3296-7-0x0000000075350000-0x0000000075B00000-memory.dmp

    Filesize

    7.7MB

  • memory/3296-8-0x000000007535E000-0x000000007535F000-memory.dmp

    Filesize

    4KB

  • memory/3296-9-0x0000000075350000-0x0000000075B00000-memory.dmp

    Filesize

    7.7MB

  • memory/3296-10-0x0000000075350000-0x0000000075B00000-memory.dmp

    Filesize

    7.7MB

  • memory/3296-11-0x0000000075350000-0x0000000075B00000-memory.dmp

    Filesize

    7.7MB