Overview

overview

8

Static

static

3

db6c209d7c...36.exe

windows7-x64

8

db6c209d7c...36.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    113s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2024, 20:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    db6c209d7c6d7061b550e584bce5add637ae4048a18854d3537771c23bf6d636.exe

  • Size

    9.9MB

  • MD5

    1fddad087416ea460191a404ec4b3a3d

  • SHA1

    240ac550dccfb168cd568360763264e8704c76db

  • SHA256

    db6c209d7c6d7061b550e584bce5add637ae4048a18854d3537771c23bf6d636

  • SHA512

    ff9daab5f7d454ac651bcbac82f2b2a2713f1170f04f50bca0f2fa2cd38e43a140750d94cea88afb52c66059570eec8c4cee0956fd7e6b70f506ab7071bd745a

  • SSDEEP

    196608:yvS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:yvRrDjtLKkOa8ps6puAktIz

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\db6c209d7c6d7061b550e584bce5add637ae4048a18854d3537771c23bf6d636.exe
    "C:\Users\Admin\AppData\Local\Temp\db6c209d7c6d7061b550e584bce5add637ae4048a18854d3537771c23bf6d636.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    5981abb27f81e9e4acdda45344a1d76f

    SHA1

    1b64df24797080b7d2b939c671dfd39d226cb1cc

    SHA256

    a3b3c7c16ef7b8b7928d46aa09d9fd7778d8a528c364fce682e2d82b0f0bc5c4

    SHA512

    4f43bbcae76a88955906667a4b433b6fd7f9a63c2f918314319d4ba90c9c25238af51b1bd0b384b6178e5cef3f196b0fb40599e6f6093f95cc79ee0cab8f9317

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    b06640301228fcb647fefe0f89cdea39

    SHA1

    6e7db8e2e82ab79ade3eb4060dfd64177113303f

    SHA256

    ca0fbf4d7ccd93b061678ecbef90585ef2693a6c6a253191285946bb9cda0f99

    SHA512

    71b79bbb50cd6ffcbfc136a595fd27cfb200188366a73bbf1a5a96ceb77b4295ef9b7440cebbba0b4507062c3c0bea0e406ae842d46e90216f9470bc0d050f77

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    ec1d64862e4b6a292ec270d67242f570

    SHA1

    ec924a6b476e0b1587d1c87a1c97048750ac26ba

    SHA256

    f537c7980be070d3ee612988d718f6af6c089acf0a3d70ef3fd33e15d9166f9a

    SHA512

    dc28280083b65a9229c170df1e69300c3607814299779af8c12b504c00b2650a6248a2dbabf2202160a88245c7a51419575375dbc275e22a285705dc4524d3da

    Download Submit