26303008ea7f94e19d856335241011b1399ac3075546dee0a924a35f335f8935

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-12-2024 07:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2024-12-06_ba8e91cd1ecf31bb30e9f705fdb6752b_icedid.exe
Size

8KB
MD5

ba8e91cd1ecf31bb30e9f705fdb6752b
SHA1

80db36c87538f6ce1b08cfc35f5bf08c41f5a243
SHA256

26303008ea7f94e19d856335241011b1399ac3075546dee0a924a35f335f8935
SHA512

65580c6446c2571d72393a6466a7aed3de77345b5f0a4573b1c28cc07453a7b196e50f546acbb8f5c170cc0ebe88b58d5e04ce1f842168a226f632876fdae1a2
SSDEEP

192:/56iXvwj608jijUhR4CbvpSC0Ss9Cb+BGih:/5VfRhRZpxA9CXi

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	2024-12-06_ba8e91cd1ecf31bb30e9f705fdb6752b_icedid.exe

C:\Users\Admin\AppData\Local\Temp\2024-12-06_ba8e91cd1ecf31bb30e9f705fdb6752b_icedid.exe
"C:\Users\Admin\AppData\Local\Temp\2024-12-06_ba8e91cd1ecf31bb30e9f705fdb6752b_icedid.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2108

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads