Analysis
max time kernel: 10s
platform: windows11-21h2_x64
resource: win11-20241007-en
resource tags: arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 15-01-2025 22:48
Static task: static1
Behavioral task: behavioral1
Sample: Sig.exe
Resource: win11-20241007-en, windows11-21h2-x64
1 signatures
150 seconds
General
Target: Sig.exe
Size: 1.5MB
MD5: c68c16589a1c06e534aa7a29ed4fe1aa
SHA1: 4fdee6b3c80029bd9e64d03a05503b9427844582
SHA256: 4d546e62bbd229511c831727642afcd28009f3d293a4e13ea03252abe29ff1b5
SHA512: 28f9954fb56bb3d2637ae3a4547b8f1b7a5e335f51265b4845a59b143d1904c303dd5e35d6d6bfeb528e92ad9d85e624b6a9d50789a7b673eb670d8fdcc365aa
SSDEEP: 24576:ihgVrnoHu/QSDTV+Bnvu8tOvkTyuhOOPZ1afVyH0VsQ4OttT0:iWhoONVnkTyugmZELsMp0
Score: 3/10
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: Sig.exe
Processes
C:\Users\Admin\AppData\Local\Temp\Sig.exe
"C:\Users\Admin\AppData\Local\Temp\Sig.exe"
- System Location Discovery: System Language Discovery
PID:1448

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
PID:4504