Overview

overview

8

Static

static

3

2c395853a1...20.exe

windows7-x64

7

2c395853a1...20.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    08/08/2024, 10:13

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2c395853a1e120c135facd0f10972477f076432ac78f5fa021cc39cd44882220.exe

  • Size

    10.8MB

  • MD5

    28f2c148f65c833e9bc32a0c6f964687

  • SHA1

    65acc0e49996d2787a12ad16532305f975592ee6

  • SHA256

    2c395853a1e120c135facd0f10972477f076432ac78f5fa021cc39cd44882220

  • SHA512

    6d00a068af3c326ebd6740b0223a2ed81e3ba1efad4d26d8fc64b122799a020be081abe258a61b1e0a5a0f55a7a1929d7c88c79d5c070b5fe114b33b655f6dd8

  • SSDEEP

    196608:6qGPhSSJ7PbDdh0HtQba8z1sjzkAilU4I4:6n5J7PbDjOQba8psjzyz

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2c395853a1e120c135facd0f10972477f076432ac78f5fa021cc39cd44882220.exe
    "C:\Users\Admin\AppData\Local\Temp\2c395853a1e120c135facd0f10972477f076432ac78f5fa021cc39cd44882220.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2604

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          15119bdc3e45fa32c1ad535c6a0b7def

          SHA1

          6ca1c98d9ba0830595e291416b9b9ad3df179ec4

          SHA256

          c39aa56438122cf6b72a7b1ce4d470cfd6f74c02037ad72725e0b2ef67a255a6

          SHA512

          889199467065f6af32226e91e1b07131e80b5909e33ce81b3f857ae2c41bd34f0bb91a002178288ffe84f700f37d71fa2ee2782ff646e630452ac4c80b535990

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          c834d8c5f761a411d780c7250b2dd49e

          SHA1

          59b0a05e756842b31396fdf663651e82750794e5

          SHA256

          611343754d65b08454e703862ed5e7c6c42143e184bbc4cae70b63a6d456a84e

          SHA512

          6335b16b44ba5095b40bbcdf2e6cc824d71a26142f9a0dba28cc0bd73d451112061fa43d72cb32c8a0c2bc6372d1807ca17626642f22e35365577aee77b4614c

          Download Submit