1d1c8fcae29d9ae99a16b9d9133158215643c2dc861af6c110e0d234a3585498

Analysis

max time kernel
0s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
23-12-2024 20:53

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

Loader.exe
Size

2.5MB
MD5

401440d84425fb4c73973fd755ebe95c
SHA1

cbf8069239707461df8daf5a6e1d0813a3b90532
SHA256

831539db1b0f991c89177257a6d70c69e2cf6594526fadec1ec2b2273e0c48cd
SHA512

a702b401880b8bf856a93808f9503531475f1b2732299bd28c4b003a1520dbdde1ec5a8df1e9b2eba41a7770b74afbfec3d151e3d09a6077a00230a6e85173a7
SSDEEP

24576:VnY3YLYK4QklMoxHl3ncv5gSSucJoVXXRKSZEuKQhN/UL5Lw+cwsl3RuQ55313U:VncKRgSNXRDsQhN/UL5M+ql3u

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Loader.exe

C:\Users\Admin\AppData\Local\Temp\Loader.exe
"C:\Users\Admin\AppData\Local\Temp\Loader.exe"
1⤵
- System Location Discovery: System Language Discovery
PID:4540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads