Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    10/10/2024, 17:08

General

  • Target
    0d0b90fa283b546352f20eb814543d2e6e9e0391044499712140d6eac8b59aaa.exe
  • Size
    11.3MB
  • MD5
    e3f1c3b9bad4e6eecbc15248a9a3f5f1
  • SHA1
    0fb5c0eb3afe5dca042d110562d0da698931382e
  • SHA256
    0d0b90fa283b546352f20eb814543d2e6e9e0391044499712140d6eac8b59aaa
  • SHA512
    a8f66c9d9b385a253eab919966ea789d4f42956241779b31d8a43f53ecab001d41a370934c704d63e00561708a6d2d04697c76ed65013e049b20453fbbcec7e8
  • SSDEEP
    196608:RXFGPpySVf+6b9oDdh0qTRxa8z1sULDSe9a+5crvT9YqS4lU4I4:RXVuf+6poDjBTRxa8psYSUa+arvSP0z

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
    Attempts to gather information about the system language of the victim host in order to infer its geographical location (ATT&CK T1614.001).
  • Suspicious use of SetWindowsHookEx (1 IoC)
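The "Downloads MZ/PE file" signature fires when a captured response body is a Windows executable image rather than the text or data the URL suggests. The following is an added example, not the sandbox's own signature code, of the check such a signature performs: it validates the DOS `MZ` stub, follows `e_lfanew` at offset 0x3C, and requires the `PE\0\0` signature to land inside the buffer, so that truncated downloads and `MZ`-prefixed decoys are not mistaken for complete PE files. The URLs and response bodies are constructed stand-ins for what a sandbox would capture; `build_minimal_pe` fabricates just enough header for the check and is not a real binary.

```python
"""Classify captured download bodies the way a 'Downloads MZ/PE file' check does.

Added example; not code from the sandbox or the analysed sample. All inputs
below are constructed.
"""
import struct
from typing import Dict, List, Optional

IMAGE_DOS_SIGNATURE = b"MZ"
IMAGE_NT_SIGNATURE = b"PE\x00\x00"
E_LFANEW_OFFSET = 0x3C  # IMAGE_DOS_HEADER.e_lfanew


def classify_payload(data: bytes) -> str:
    """Return 'pe', 'mz-only' or 'other' for one downloaded body.

    'pe'      : MZ stub present and e_lfanew points at an in-bounds PE\\0\\0 signature
    'mz-only' : starts with MZ but the NT header is missing or out of range
                (truncated download, plain DOS executable, or a decoy)
    'other'   : not a Windows executable image
    """
    if not data.startswith(IMAGE_DOS_SIGNATURE):
        return "other"
    if len(data) < E_LFANEW_OFFSET + 4:
        return "mz-only"
    e_lfanew = struct.unpack_from("<I", data, E_LFANEW_OFFSET)[0]
    # Bounds check before slicing: a hostile e_lfanew must not be trusted.
    if e_lfanew + 4 > len(data) or data[e_lfanew:e_lfanew + 4] != IMAGE_NT_SIGNATURE:
        return "mz-only"
    return "pe"


def pe_machine(data: bytes) -> Optional[int]:
    """IMAGE_FILE_HEADER.Machine (0x14c = i386, 0x8664 = AMD64) of a valid PE, else None."""
    if classify_payload(data) != "pe":
        return None
    e_lfanew = struct.unpack_from("<I", data, E_LFANEW_OFFSET)[0]
    if e_lfanew + 6 > len(data):
        return None
    return struct.unpack_from("<H", data, e_lfanew + 4)[0]


def build_minimal_pe(machine: int = 0x8664) -> bytes:
    """Constructed stand-in for a downloaded PE: DOS header, e_lfanew=0x40, PE signature, file header."""
    dos = bytearray(0x40)
    dos[0:2] = IMAGE_DOS_SIGNATURE
    struct.pack_into("<I", dos, E_LFANEW_OFFSET, 0x40)
    file_header = struct.pack("<H", machine) + b"\x00" * 18  # remaining 18 bytes of IMAGE_FILE_HEADER
    return bytes(dos) + IMAGE_NT_SIGNATURE + file_header


# Constructed "captured responses" (hypothetical URLs): one real PE, one HTML page,
# one download cut off before the NT header, one decoy whose e_lfanew points out of bounds.
CAPTURED_RESPONSES: Dict[str, bytes] = {
    "http://example.invalid/update.bin": build_minimal_pe(0x8664),
    "http://example.invalid/index.html": b"<html><body>ok</body></html>",
    "http://example.invalid/partial.exe": build_minimal_pe()[:0x30],
    "http://example.invalid/decoy.txt": b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0xFFFFFFF0),
}


def flag_pe_downloads(responses: Dict[str, bytes]) -> List[str]:
    """URLs whose body is a complete PE image, i.e. what the signature would report."""
    return sorted(url for url, body in responses.items() if classify_payload(body) == "pe")


if __name__ == "__main__":
    for url, body in CAPTURED_RESPONSES.items():
        print(f"{classify_payload(body):8} {url}")
    print("flagged:", flag_pe_downloads(CAPTURED_RESPONSES))
```

Only `update.bin` is flagged; the truncated and decoy bodies are reported as `mz-only`, which is the case worth keeping separate when triaging partial captures.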

Processes

  • C:\Users\Admin\AppData\Local\Temp\0d0b90fa283b546352f20eb814543d2e6e9e0391044499712140d6eac8b59aaa.exe
    "C:\Users\Admin\AppData\Local\Temp\0d0b90fa283b546352f20eb814543d2e6e9e0391044499712140d6eac8b59aaa.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:4844
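The report flags SetWindowsHookEx on PID 4844 but does not say which hook was installed or with what scope, and that is the detail that separates a keylogger from a UI toolkit hooking its own message loop. The following is an added example, not the sandbox's signature logic, that parses SetWindowsHookEx calls out of an API trace and ranks each install: keyboard and journal hooks are keystroke capture, a global (dwThreadId = 0) non-low-level hook that carries a module handle forces every GUI process to load that DLL, and a hook limited to the caller's own thread is the benign case. The trace format and its field names are an assumption of this example, and the lines are constructed, not taken from this report.

```python
"""Triage SetWindowsHookEx calls from a sandbox API trace.

Added example; not the sandbox's own code. The trace format (pid=... api=...
idHook=... hMod=... dwThreadId=...) is assumed for illustration, and the
sample lines are constructed.
"""
import re
from typing import Dict, List

# Hook type constants from WinUser.h
WH_JOURNALRECORD = 0
WH_KEYBOARD = 2
WH_GETMESSAGE = 3
WH_CALLWNDPROC = 4
WH_CBT = 5
WH_MOUSE = 7
WH_KEYBOARD_LL = 13
WH_MOUSE_LL = 14

KEY_CAPTURE_HOOKS = {WH_KEYBOARD, WH_KEYBOARD_LL, WH_JOURNALRECORD}
LOW_LEVEL_HOOKS = {WH_KEYBOARD_LL, WH_MOUSE_LL}  # always global; run in the installer, no DLL injected

LINE_RE = re.compile(
    r"pid=(?P<pid>\d+)\s+api=(?P<api>SetWindowsHookEx[AW])\s+"
    r"idHook=(?P<idhook>\d+)\s+hMod=(?P<hmod>0x[0-9a-fA-F]+)\s+"
    r"dwThreadId=(?P<tid>\d+)"
)


def parse_hook_calls(trace: str) -> List[Dict[str, int]]:
    """Extract only SetWindowsHookEx calls; every other API line is skipped."""
    calls = []
    for line in trace.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        calls.append({
            "pid": int(m["pid"]),
            "idHook": int(m["idhook"]),
            "hMod": int(m["hmod"], 16),
            "dwThreadId": int(m["tid"]),
        })
    return calls


def classify_hook(call: Dict[str, int]) -> str:
    """Rank one hook install by what it lets the caller do."""
    global_scope = call["dwThreadId"] == 0
    if call["idHook"] in KEY_CAPTURE_HOOKS:
        return "keystroke-capture"
    if global_scope and call["idHook"] not in LOW_LEVEL_HOOKS and call["hMod"] != 0:
        # A global hook that is not low-level makes every GUI process load hMod.
        return "global-dll-injection"
    if global_scope:
        return "global-hook"
    return "thread-local-hook"


def triage(trace: str) -> Dict[str, List[int]]:
    """Map each verdict to the idHook values that produced it."""
    verdicts: Dict[str, List[int]] = {}
    for call in parse_hook_calls(trace):
        verdicts.setdefault(classify_hook(call), []).append(call["idHook"])
    return verdicts


# Constructed trace: an unrelated call (the language lookup the report also flags),
# a benign in-thread message hook, a global CBT hook carrying a DLL, and a
# low-level keyboard hook whose hMod is the installer's own image base.
SAMPLE_TRACE = """\
pid=4844 api=GetUserDefaultUILanguage
pid=4844 api=SetWindowsHookExW idHook=3 hMod=0x0 dwThreadId=1234
pid=4844 api=SetWindowsHookExW idHook=5 hMod=0x7ffb0d410000 dwThreadId=0
pid=4844 api=SetWindowsHookExW idHook=13 hMod=0x7ff6a2b40000 dwThreadId=0
"""

if __name__ == "__main__":
    for verdict, hooks in triage(SAMPLE_TRACE).items():
        print(f"{verdict}: idHook={hooks}")
```

When reviewing a real trace, the verdicts to act on first are `keystroke-capture` and `global-dll-injection`; a lone `thread-local-hook` with `hMod=0x0` is what GUI frameworks produce and is rarely worth a second look on its own.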

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize
    2KB
    MD5
    853dbdd50501f7042346e8cdd3cb666e
    SHA1
    2e20fe9775d16d8a323305bf6d24a8c7a0e54326
    SHA256
    71e16fc1119b2f820f339cf32d7a26fbfc538be11bfc13763b2ef9af32f43db8
    SHA512
    67e886a6907a5f6219ad316d852bac3db52529b69ebda6297362753331ba49c6056d8027835809419739339bcb29d4e0f1ae1a988fbf496ed023c1321810253d

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize
    10KB
    MD5
    14ae59e31d4444240acad079eb7971e1
    SHA1
    422ab1a30ea31d6610cfa0cfba2a4b30e2a40700
    SHA256
    f42a1128d23bd45f7b48ff5525c80516ed912596a3638810e87114e6ecc36b65
    SHA512
    bf7865ef50d6f8bfb5b7136991de4ab1a000f12afd1c627f63b6f77765fcc0dcaf61527791fbcd44db3aa595d114dc4fc2c1a2950c0fcc9d25fe02314231965a

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize
    38B
    MD5
    52c6bac1e218ba93c57e81d9abc7008b
    SHA1
    c0235a0c706774fc060134a8dde0cb45d1e326d9
    SHA256
    ab14f22d88490617bb63b2565dcc34e0b20d78e378073b64d865dc97d68f3ddd
    SHA512
    415548cc55d69ce31959f4d93d14de7d89febfc6d0c410e998678026fcc0514c2c3464e00f8b3d0d5aee9db5c5052a5a8ede333f90dcf0884166b95376157604