Overview

overview

8

Static

static

3

9690213a24...a8.exe

windows7-x64

8

9690213a24...a8.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2024, 17:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9690213a2478489a74f98386e95bef4760a95476b35b01bd452d00f252a691a8.exe

  • Size

    9.8MB

  • MD5

    9fb0a92f3a1ed1e02bd08c4dbf1dc7bb

  • SHA1

    f754bfa5ed803ca8fc442d3f9cc5b03518df41a7

  • SHA256

    9690213a2478489a74f98386e95bef4760a95476b35b01bd452d00f252a691a8

  • SHA512

    52530fd1245561d8d74691c0cf8f8b919bb123bc26dd9f0b4cdf7e85e22c95b2e5675481afae958798cd4a224ac70a04f8291c437c08d1022a4708fc854f217a

  • SSDEEP

    98304:OLl/9COfOI3ynzWQQMIHp7w0rbDdQwNSH6uE2Tp2mqSd18z17wF9vVGyWWyfJprG:OxSSJ7PbDdh0HtQba8z1sjzkAilU4I4

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9690213a2478489a74f98386e95bef4760a95476b35b01bd452d00f252a691a8.exe
    "C:\Users\Admin\AppData\Local\Temp\9690213a2478489a74f98386e95bef4760a95476b35b01bd452d00f252a691a8.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2584

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          6KB

          MD5

          d847b16ad0755f3968c63e0de509adf5

          SHA1

          b490981532a97eb90e37b9497704b4e705c9edb0

          SHA256

          491f18ddf9d54df3d052ad514ce06aaaee5f64db0a922cccf3a16490627064f2

          SHA512

          e080b023f21f506e76701b58fd07884cac38254ef4cd494ed4b0611b5c0503ecc7efb73efab76287efd5cd847a97e697cb260ff981b2e8e721df695e6765443d

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          6b1562a841a974b0d01f3ba7b35071f1

          SHA1

          fe14ca1e5c9e81ae7b5dc902ccab99b9ad9d9f7f

          SHA256

          b0ff14973cf57dee48ccc5cb3ee1af30d3b44ce992731da57038cd69238c9d95

          SHA512

          50b849faaad5dbb901f92e53dd8aa57093c7a354d437201c8d7a183a74954650830545490a2f0c9dbc706272ae0dfdeca26744797cd7064aed980127acee0ce3

          Download Submit