Analysis
max time kernel: 140s
max time network: 117s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 07/03/2025, 22:54
Behavioral task
behavioral1
Sample
88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a.exe
Resource
win10v2004-20250217-en
General
Target: 88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a.exe
Size: 364KB
MD5: 9fbded06253db293676b1d2cbd4e29ca
SHA1: 64490bf0aaa24a63fe26e8cbdeda6b2bff3632b4
SHA256: 88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a
SHA512: b5757014f52f0da61aa5187737db800529a3a0bf8ca010afeecf734815b2fb39ab52666a2e24e01a5b7f4b423688607e8c0cbef5593d485f872314041fde936a
SSDEEP: 6144:e8d1/w5KA81IJ8GpF6nuTmOOUUb8YzRgKDI7Ngyuf1PsJKd3+/wO92Wg:tjYKkJj6GmZUUb8Yd1SgyufJJA9
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 796
Process: 88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a.exe
Processes
C:\Users\Admin\AppData\Local\Temp\88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a.exe
"C:\Users\Admin\AppData\Local\Temp\88348b4cf2fcd9376119776472a60bb6e7f870834de45982de200cbf8269345a.exe"
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID: 796