Analysis
-
max time kernel
1633s -
max time network
1653s -
platform
windows10-ltsc 2021_x64 -
resource
win10ltsc2021-20241211-en -
resource tags
-
submitted
13-12-2024 18:01
General
-
Target
The-MALWARE-Repo-master/Worm/Blaster/DComExploit.exe
-
Size
36KB
-
MD5
d68cf4cb734bfad7982c692d51f9d156
-
SHA1
fe0a234405008cac811be744783a5211129faffa
-
SHA256
54143b9cd7aaf5ab164822bb905a69f88c5b54a88b48cc93114283d651edf6a9
-
SHA512
eb25366c4bbe09059040dd17ab78914ff20301a8cd283d7d550e974c423b8633d095d8a2778cfb71352d6cb005af737483b0f7e2f728c2874dc7bdcf77e0d589
-
SSDEEP
384:fqiTD8SZzK3+RsiqnZImlYEyx1ml8z0iuKo9oMbNp8SNYLJJ:3D8kK3ViqZx1MuKo9od
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Worm\Blaster\DComExploit.exe"C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Worm\Blaster\DComExploit.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations=is-enterprise-managed=no --field-trial-handle=5336,i,4931345718161570516,7922954771140051020,262144 --variations-seed-version --mojo-platform-channel-handle=5456 /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations=is-enterprise-managed=no --field-trial-handle=4644,i,4931345718161570516,7922954771140051020,262144 --variations-seed-version --mojo-platform-channel-handle=3824 /prefetch:81⤵