c548a7215d269e5ce651e875f40e950d55ae0b12eeae30008bef011454cea1c9

Analysis

max time kernel
147s
max time network
148s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
08-09-2024 11:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c548a7215d269e5ce651e875f40e950d55ae0b12eeae30008bef011454cea1c9.exe
Size

10.9MB
MD5

c5bcdd6f17a32033fffe97287dd1134d
SHA1

8045e1c0b8865e206b18881e276019c1aaaa52a5
SHA256

c548a7215d269e5ce651e875f40e950d55ae0b12eeae30008bef011454cea1c9
SHA512

4a31a94b61dbe4921630b96e1634745a6f38c3e4c7ee7a240ced73120e03dd5f8a9a8c553213ef716413abe93298eff540e3d3252f28fa1db98cdc6cefcead40
SSDEEP

196608:FUWWPa65SSJ7PbDdh0HtQba8z1sjzkAilU4I4:FUWW5J7PbDjOQba8psjzyz

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	c548a7215d269e5ce651e875f40e950d55ae0b12eeae30008bef011454cea1c9.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1868	c548a7215d269e5ce651e875f40e950d55ae0b12eeae30008bef011454cea1c9.exe

C:\Users\Admin\AppData\Local\Temp\c548a7215d269e5ce651e875f40e950d55ae0b12eeae30008bef011454cea1c9.exe
"C:\Users\Admin\AppData\Local\Temp\c548a7215d269e5ce651e875f40e950d55ae0b12eeae30008bef011454cea1c9.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:1868

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
9KB

MD5
88e59c7b7165a54c1fccab73b0ccddce

SHA1
5c90d493d9114ca299f3aeb499c12816302434ad

SHA256
10b401f19090babeae11e028c65b48ac40ac377af577c8288be6b16d986f7486

SHA512
479d52db9e28f3ffcac55e9dc59f7561c2d033cbc4ec364a768a631a03a3ccbc45c7433b6b4ed743e9a34535d10034ad8d6c378c03ba07b639671feaba1496c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
2KB

MD5
fd7a7488e30050543ccce0d9796523fc

SHA1
24b21ca7779b3c7ad1584e7427a9af06356bfe40

SHA256
1e0969a61cb473e4768e7787cd9d6ffd2b8cea9291edc8a8050abf555dada7e8

SHA512
97bad15869420f9543c3b4f807071b29485a48588c9a7af0337008c531bd3cf78184f1045b2bffb126bacac92bab771c7b1ebe412885af1640ce551975d33516

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
3965cfb8141ba26f5903358c7b542121

SHA1
c5a61cc8488d576a7944942dae1ecc9fe280e00e

SHA256
b08482ba2d887feba505e012340d37798aef65f339c3847480dbcd9e3d23ddee

SHA512
ac8450e3386ec835f8804bb160858f58283d795a2051106784f3189ad20932b353a75f3c14d2332fccf3a52637a7844319f77086d12337d38b01b7257edc967b

Download Submit