Resubmissions

15-01-2025 22:48

250115-2rgjgazlen 3

29-02-2024 16:02

240229-tgwlmsdg71 10

Analysis

  • max time kernel
    10s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    15-01-2025 22:48

General

  • Target

    Sig.exe

  • Size

    1.5MB

  • MD5

    c68c16589a1c06e534aa7a29ed4fe1aa

  • SHA1

    4fdee6b3c80029bd9e64d03a05503b9427844582

  • SHA256

    4d546e62bbd229511c831727642afcd28009f3d293a4e13ea03252abe29ff1b5

  • SHA512

    28f9954fb56bb3d2637ae3a4547b8f1b7a5e335f51265b4845a59b143d1904c303dd5e35d6d6bfeb528e92ad9d85e624b6a9d50789a7b673eb670d8fdcc365aa

  • SSDEEP

    24576:ihgVrnoHu/QSDTV+Bnvu8tOvkTyuhOOPZ1afVyH0VsQ4OttT0:iWhoONVnkTyugmZELsMp0

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Sig.exe
    "C:\Users\Admin\AppData\Local\Temp\Sig.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:1448
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:4504

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1448-1-0x000000000040A000-0x0000000000422000-memory.dmp

      Filesize

      96KB

    • memory/1448-0-0x0000000000400000-0x0000000000576000-memory.dmp

      Filesize

      1.5MB

    • memory/1448-3-0x0000000000400000-0x0000000000576000-memory.dmp

      Filesize

      1.5MB

    • memory/1448-2-0x0000000000400000-0x0000000000576000-memory.dmp

      Filesize

      1.5MB