Analysis

  • max time kernel
    122s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/10/2024, 12:55

General

  • Target: bf11029f54e690c1324467c544612ef0ebc519e67899657b70f104b38c0bb12d.exe
  • Size: 11.0MB
  • MD5: d887950e7549d88a293ce3fc5e077737
  • SHA1: d2f78ee3c4948c364b09d06c8e03e58f3f20146d
  • SHA256: bf11029f54e690c1324467c544612ef0ebc519e67899657b70f104b38c0bb12d
  • SHA512: 628f5075ca9b501e502f0d26eae2c49c6e414d29d06074e0a8155109f252703f832b1ee16b5ffdeab0aadd937d5cfed3b5d25f3ac03614af536589d9020da478
  • SSDEEP: 196608:5lAWWOUJYS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:56WtUJYRrDjtLKkOa8ps6puAktIz

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bf11029f54e690c1324467c544612ef0ebc519e67899657b70f104b38c0bb12d.exe
    "C:\Users\Admin\AppData\Local\Temp\bf11029f54e690c1324467c544612ef0ebc519e67899657b70f104b38c0bb12d.exe"
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2960

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize: 2KB
    MD5: ca3b0ebf63e194a13faabe4669b927e3
    SHA1: 3d455348b7f601805aa9a5ede48571890338d7c7
    SHA256: 36c9b7ee52e323752b23327b9ad4fe07d0bf366a2f293f40431b76495bfef3d0
    SHA512: 5eef4eb132765051dc07f322e619e91e5eeda5a7da942e303f2d77325f924217d5cae5e5d3db74427a53293a0e829b1489be7994e3bd40f3af1620a522b84eb1

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize: 9KB
    MD5: b827b94487f34bcb43e66e3569aa0588
    SHA1: b15f1b8c8caea7bf502d9c7a512b0380b80af49a
    SHA256: 19071bb9c75efbbfd17dce1f824b117bb03f6e4206e440d5c7a1f5e71fc3c6be
    SHA512: 2f5e9f312f0900d3a97865942ddc080ca89b1382cbf7cc644f10e1cea4f1f0a79304325cbd25231a87cd37574f710e05e2c63212b7a456053aa2c8caef74d432

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize: 38B
    MD5: a0e1ab15711f23026a076d6a4d7fb332
    SHA1: bebb345a476ffc6c3cd7bfefab45f4111d605486
    SHA256: b25a001d04eefd48b53df3d1cf037d0c9f623937dfe8343563906fa5c127901e
    SHA512: 2242d054d42a48b8aa0e7e6672718897b90b7c0b99fd31f59fb8c4795c43a153cd8541a28ce240ffc4ae50ea5eb8e844beceaad266807c307e62a3cf909a19dd