5d351c814603279e3923154a29861d0f8bc9d0b66716025bfa5f22071c977f06

Analysis

max time kernel
118s
max time network
151s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
08/08/2024, 10:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5d351c814603279e3923154a29861d0f8bc9d0b66716025bfa5f22071c977f06.exe
Size

10.9MB
MD5

b17e9cfd6f8c199e488b2110e45da8a9
SHA1

da0dd0062a4979fd161d3585c08434f1b633adaf
SHA256

5d351c814603279e3923154a29861d0f8bc9d0b66716025bfa5f22071c977f06
SHA512

9707bc8f9df067dbe2f50d5ba01ce9f1581da5a056029603b114eac995e0cec42e8f370874316b5c5145758422b62e5786c06d639c318417e96a8a85fb42317f
SSDEEP

196608:ubGnWW5WySSJ7PbDdh0HtQba8z1sjzkAilU4I4:uKnW6Wy5J7PbDjOQba8psjzyz

Score

3^/10

discovery

Malware Config

Signatures

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	5d351c814603279e3923154a29861d0f8bc9d0b66716025bfa5f22071c977f06.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1572	5d351c814603279e3923154a29861d0f8bc9d0b66716025bfa5f22071c977f06.exe

C:\Users\Admin\AppData\Local\Temp\5d351c814603279e3923154a29861d0f8bc9d0b66716025bfa5f22071c977f06.exe
"C:\Users\Admin\AppData\Local\Temp\5d351c814603279e3923154a29861d0f8bc9d0b66716025bfa5f22071c977f06.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:1572

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
01d3b87cf63a9359e8f01deda88da195

SHA1
2ca6b7226a17ff0ef81da4add5ba0de5a5a3c104

SHA256
4ed354d00623f9fef2e12ad926b2085eff1a28d756127021d377ee4ff2092d77

SHA512
35a883c8cee5f9c12fc1a487338cc7020653157919c6d04fc87657f5fdb71e508baab2e355ceef442b8b83c979952bd5ed76555ef81df460e995d88f9841c081

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
34d466585acd0075b1712d743032f746

SHA1
a7f133b4c5aa7794711e8046b9a89240eee1fc15

SHA256
63f650cadd11ac6f7453d4e13e593c3d091e414f7cc63db36d0c3429c1033c69

SHA512
7350ada6c5e98e31d37516f2382a33dd2e5f808ca68853143d72e79c162a39fbb647155613b6ff5ae458bc6934f6984496576d39d9c4a4ccf6747b3f01c0adf4

Download Submit