Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-12-2024 02:54

General

  • Target

    6bd70382cf7182e467df82774ad35c921c7f82146c1e268fd122619a6eb9ec41.exe

  • Size

    13KB

  • MD5

    b41033d5faa645683f7436a065950958

  • SHA1

    8bb0b09eb76fc43f586ab6a154e708f9186fba15

  • SHA256

    6bd70382cf7182e467df82774ad35c921c7f82146c1e268fd122619a6eb9ec41

  • SHA512

    55547373edd8e3ca77d575a813d9604ce7f906f3d7c998bf79b873dc56979eb8a186321c57cdd67567ddd50a50dc5cc83b6d116f27753b6c375e9895fa7672c0

  • SSDEEP

    192:OEZY89KFIHZqux5cZpej0LZR19HLTRVJxTCqVIdthELOaUC:TZY8YFOZsZowRfLTRVmqVIdECa

Score
8/10

Malware Config

Signatures

  • Contacts a large (1768) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\6bd70382cf7182e467df82774ad35c921c7f82146c1e268fd122619a6eb9ec41.exe
    "C:\Users\Admin\AppData\Local\Temp\6bd70382cf7182e467df82774ad35c921c7f82146c1e268fd122619a6eb9ec41.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1408

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads