47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f

Analysis

max time kernel
121s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
29/09/2024, 20:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f.exe
Size

11.0MB
MD5

4ee019f8c182675f47b061c30bd8392c
SHA1

ac2662e7d0c8b8d3522d81ae962ddb21ba67984c
SHA256

47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f
SHA512

c84e9fb910f3c38bb4c2a0fe37fb0745b4ca6bf566a6a8aa17f083243c13afd38b314bf0661d23784ce0b24bed52f11c566cfcf1f8ea28b51e10592b50e6b50f
SSDEEP

196608:J1WWWNNAsS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:J1WdAsRrDjtLKkOa8ps6puAktIz

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2340	47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f.exe
2340	47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f.exe

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2340	47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f.exe

C:\Users\Admin\AppData\Local\Temp\47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f.exe
"C:\Users\Admin\AppData\Local\Temp\47c8f719a415f4562c9352dce5d8bd681eef63b64c740240aa79f674af4a234f.exe"
1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2340

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
3KB

MD5
8576035a27b36cc1f1babc102a2726a7

SHA1
4bb14fae0333cfcf4711a0cd5acfa2c2a73ed339

SHA256
90db7ce388189eb8b4beb6686a0619fd92a1c5c22809563215a7b8af289664d4

SHA512
76ada6f961f932e7abd0d9775c2320a27d9bd23cff792dcc5d804bd49085569cb910fecfeebad14d5bf825089f58dc3cc13244ad4d842bc3d60d352525357d73

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
3KB

MD5
7fa5f9b45ca2da1bdc905aff52d478f9

SHA1
1e7840fee7ec274db25dc627c9ee71c66cff72a2

SHA256
66980ecca247c8df0a28bccc2f90542ad29b501ad690146448c19bc27710ed47

SHA512
ac04e430b6fca2ee0d4d3123ac0ebcdc452c3c8f39559e904c4212d1e7f05de496b00c4972bc81462dd6e71b8e85fb49622fc4752b217e6c3c4afd5e2e9b132c

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
90a23ab800cd9dbd5cc475851e41f493

SHA1
9a8867dc0141b46ea74613e849e18fee4594f671

SHA256
326af830a1fdc41b3d69d23f4ab9dd52d45ea6935ac2851205a53c1f2c012335

SHA512
675a4cd699a8ecbe8a280fb25ac052cdd07e9b52ca2ecf62157e57df9012de0fce38cdd3f2c33296a8a5c318c6dd406e78dd24f6d2895d0aafeeadc34b80956e

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
2KB

MD5
8d2f77a59ae2c68a3af3deaf61b273c9

SHA1
bbd0da1beda6cfa5f8b9a041a232a0ccadcccb4b

SHA256
91a9a8f56d8df26d610763d0d79a81c6aaa625d8525c6cc6f0c891643c42550a

SHA512
8e6445877d12ce6f67177b25fe70eeef089cc170fd95e5970765be136a7a70a4d57eeb1e6c342b66de46fa071289e8c25137a0eec2bd3d75ea76e66dfe96e7db

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
2ca62f3a0834988c56a528e89de2ba54

SHA1
d49a1259b3bf3ef9cc5c6178fe01d6b05f6d4664

SHA256
f51ca4a08052e798a0e98101db8d4e2c85d2319179bd8d79ab5b5d666ef1cc39

SHA512
1e90069c0117998e5a220386736f60884fefcea67b57d70b1a4b99ae72273a356eafd9a5a78a45f09998a7d0782fef59d3b3f1212ee4455708dfcdd8f16c9aa2

Download Submit