17b4d01d32c64a62e36496829da323fe308437048ca87143de7365fabd4194fd

Analysis

max time kernel
570s
max time network
362s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
22-11-2024 03:25

Target

e6c4ae470977aa78d1005746ae05deea0bf3b4260f88865662a35f99b2559dbc_not_packed_maybe_useless.exe
Size

54KB
MD5

bc6a67d5665ccfba24c093da2a606d9d
SHA1

5bca38d447165307087df43912f4b15b43c934a2
SHA256

e6c4ae470977aa78d1005746ae05deea0bf3b4260f88865662a35f99b2559dbc
SHA512

5b25e0b84414cfe3ea35948d82274b73f1d993c2403503572fc6fb4520bfeae64ee55d014887db1667419f6847720e4b12bfc6c227f68e22d2d42f193d2ad820
SSDEEP

768:emX2MKhRw7+am7nx3h1OPG0H+l65Fuj0AjmWTbsbIK9QnjVPO1xPao1X7tiHC:egKIqamtRMPJQoh2mqxTnjVPti

Score

7^/10

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

System Information Discovery

Processes:

e6c4ae470977aa78d1005746ae05deea0bf3b4260f88865662a35f99b2559dbc_not_packed_maybe_useless.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-3551809350-4263495960-1443967649-1000\Control Panel\International\Geo\Nation	e6c4ae470977aa78d1005746ae05deea0bf3b4260f88865662a35f99b2559dbc_not_packed_maybe_useless.exe

C:\Users\Admin\AppData\Local\Temp\e6c4ae470977aa78d1005746ae05deea0bf3b4260f88865662a35f99b2559dbc_not_packed_maybe_useless.exe
"C:\Users\Admin\AppData\Local\Temp\e6c4ae470977aa78d1005746ae05deea0bf3b4260f88865662a35f99b2559dbc_not_packed_maybe_useless.exe"
1⤵
- Checks computer location settings
PID:2252

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

C:\ProgramData\fjpnrwuutgmtath

Filesize
52B

MD5
b0304db30d33117ec0b5c29e6318e28f

SHA1
c1207d480e3fef671d2e4ca57a8bc5bd4deac7ac

SHA256
5e9c0c9ace2407ef793d68fbb8a46cca09c499a0a74309f397a2ecf15770c97b

SHA512
2976df7c9cb91770d4f652e78b3a3fca5f8729b942ccc82e1b0d7342333d5b635e417c440d4ada349001e90cd511e13779c7f25efa65773fe323853acd01c734

Download Submit