01e89464e25e269d35d91d30044c88132a98549c54f8f93f4372eeacd500657d

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
11/12/2024, 23:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

01e89464e25e269d35d91d30044c88132a98549c54f8f93f4372eeacd500657d.exe
Size

3.8MB
MD5

73fb1991593c640eea7f1b0a190558af
SHA1

e63bf3cd2003cba7bd53c73feba020584e49008c
SHA256

01e89464e25e269d35d91d30044c88132a98549c54f8f93f4372eeacd500657d
SHA512

ebc5f918a6582f8de3a33d9c60a51ec7892057b1716257f5fcba9e0f710bd0e353439423719c2d722e5208936a3233401fb58dcd5109e6e64132c73b18392472
SSDEEP

98304:/K+VOO1zvpql2QFIvOXpAE3gVTHtrZmXU4Q0QMzh0EbGtzWpZcgkOaLQpDnV:/K+VOO54QGV0Eq9Wp+ROHprV

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	01e89464e25e269d35d91d30044c88132a98549c54f8f93f4372eeacd500657d.exe

C:\Users\Admin\AppData\Local\Temp\01e89464e25e269d35d91d30044c88132a98549c54f8f93f4372eeacd500657d.exe
"C:\Users\Admin\AppData\Local\Temp\01e89464e25e269d35d91d30044c88132a98549c54f8f93f4372eeacd500657d.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:2488

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...