Overview

overview

8

Static

static

3

e3d327b23d...ea.exe

windows7-x64

7

e3d327b23d...ea.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    28/09/2024, 22:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e3d327b23d2810bc55c8a41d98590b1c424752f759bb60ffcb14a734536c13ea.exe

  • Size

    11.0MB

  • MD5

    64bb247488291d7506032fffbf15d7fa

  • SHA1

    2db6ec24da1fa99215898deb946e68a9aae4ee3b

  • SHA256

    e3d327b23d2810bc55c8a41d98590b1c424752f759bb60ffcb14a734536c13ea

  • SHA512

    2fe9f3919b771d537847728e4262e1a10297334f00adc4e7b42c89f6b51c24b3259e1b9ca4433ef10e743d74326feaa81c0a83211dee139cf1c8fc66f87f64cd

  • SSDEEP

    196608:J1WWWNNAsS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:J1WdAsRrDjtLKkOa8ps6puAktIz

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e3d327b23d2810bc55c8a41d98590b1c424752f759bb60ffcb14a734536c13ea.exe
    "C:\Users\Admin\AppData\Local\Temp\e3d327b23d2810bc55c8a41d98590b1c424752f759bb60ffcb14a734536c13ea.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1480

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    3ad115479d9365185f591260da2d7fe7

    SHA1

    38fdb8f473712080ff4ddbf87ca14e55e8143c9c

    SHA256

    1fd9d54fbbf1a0b5d66384beeee2dbb303491ef34c0a99617cd3557ca81721aa

    SHA512

    badb4cb50ed7e7217e2e19d3205d9a1ad10c5f2234516f19ce9d7bb659f097cdc6d8fc9793a0b1a0fa231f49864998594f2de2dde5ba3682104c1b7cafbaa301

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d6c646c6356d248b75933af63b1e37ae

    SHA1

    fed3124eba2dd1aa57bf1e752167eabd831ccf45

    SHA256

    95c63b70d15e6e20c3b8e4d2934830e762233c570ddd8366da1f9c5f4afffbfc

    SHA512

    d850dc5dd49a25be21352c8ae7d1f98d404466630cf8230c0d1153bf3c049311f166dd9816320df9a82da365c4d523e0bbc09dd1c0f9a50a56a1e5208d1168fd

    Download Submit