Analysis

  • max time kernel
    142s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240910-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240910-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    05/10/2024, 17:55

General

  • Target

    af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe

  • Size

    11.0MB

  • MD5

    b2373602238b8834adf249708d2ff697

  • SHA1

    8e19369671dffcb5f77638f2954dced18f6d5b3b

  • SHA256

    af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137

  • SHA512

    4a71cec4f0b0d8ec04195400645745f4e14ca120c526dbfadb7a378179a09cbbf81625717bfc20599e7d4a993f85367fddb4ea2ff79ab927f9a2f6ed3a2be734

  • SSDEEP

    196608:5lAWWOUJYS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:56WtUJYRrDjtLKkOa8ps6puAktIz

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe
    "C:\Users\Admin\AppData\Local\Temp\af1d0504e01bf8c25714871ed6e604e84b30ac9144fa6b86980decc7a604c137.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1880

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    2KB

    MD5

    eed9299267c3ff4373145ca9fcb9a3a0

    SHA1

    638ccb8e2556eb9f74d55f9fee02daa38b95a6db

    SHA256

    f14df2b9c1ddb114e1fa2efa3402096a41990e25ce5105e48f226a7d84545f75

    SHA512

    88e8b3151927ef7454473a27348a333fd5fb47f2084f94227f4f830850198bded9d2445b1f96a21c923b55d9f6f9af5c59525bd455d848fbd9769cd59f0f7b4b

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

    Filesize

    9KB

    MD5

    0f6e2f9c13fb5064b7c68c60fabb39c9

    SHA1

    b3c00ac80859de5679e3a2d5971aeaddfdc694ab

    SHA256

    dbf3f07126167b3db9ce30557dac9bc988a40dc03091e1fbd0578ba0f34e7e01

    SHA512

    860ee21eb8fb557cb51905832b077e82135ac7eb610abe1f648ac7e72c7db75ba1656f59d777de3056c37c7e8f6acf5d883ca787cdf54957a7d8773a28edd554

  • C:\Users\Admin\AppData\Roaming\Yandex\ui

    Filesize

    38B

    MD5

    4d580b61c2fa6eedaf327a062233976e

    SHA1

    cd8ff38a82a5838bea7a8a0ffc29142b92a6e61f

    SHA256

    6fa73d42b09f7632a068714841d428622369904b5d87ff118764d10da7d82a9f

    SHA512

    27cb8c27595f556cdafb4e42658bce8c6fa4f0b641f1d637bc0cf35bb05990abf658e419dfe205749b858b95abf98e5d47ad1a8bba390e1bd036387ba65c4e2a