Overview

overview

8

Static

static

3

36ebe39a6a...84.exe

windows7-x64

8

36ebe39a6a...84.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    45s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    21/11/2024, 05:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    36ebe39a6a6e102d669a588cf3a55653d0c70032cbd648da0be2fc6ca1437784.exe

  • Size

    7.9MB

  • MD5

    1fd3702034a0519bfcd339b67de50b7c

  • SHA1

    f5751af1ff958cfcaaf7c186944b0fb82e01985b

  • SHA256

    36ebe39a6a6e102d669a588cf3a55653d0c70032cbd648da0be2fc6ca1437784

  • SHA512

    185b2d83b77e3e674c84b08aacbc43de2ddc7752562b6454b993b3b6500af1150ea87c0249e089e303ab4208ab8e408bc62fcb7a37a417a421c8a1ac7617e3bb

  • SSDEEP

    98304:Xg49ZaYwsmJdj9PfPHRCjNTEY9xFUkcVwNSHfbv/kOIhThw6Q1f+hl/hjY4+iafD:XgP34NTx9Pe20/zkOiu1f+79YRck

Score
8/10
discovery

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\36ebe39a6a6e102d669a588cf3a55653d0c70032cbd648da0be2fc6ca1437784.exe
    "C:\Users\Admin\AppData\Local\Temp\36ebe39a6a6e102d669a588cf3a55653d0c70032cbd648da0be2fc6ca1437784.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:2412

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    12c10bed43f56c5f115cc85d72f7b05f

    SHA1

    f35838d30f5533ce6a327e47799c7461fe8268d6

    SHA256

    d7a59856f2074e88f6da155f90084a10c0bc996c6bb47ce4185b44786f10ec6c

    SHA512

    2b9f19c2e7b30bdac1d7902a84173ecda19e00ac7a08c4c3f1917bd90a21798038f821912d5802a422296b00c76715c6a2e075bc321dd213ed4707b74a8a83b0

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    76da17c6aa24ade2e7cd6c2723c321ff

    SHA1

    f7e2a07eb308166ef4782ede447ed41a6ba02a65

    SHA256

    1ffa960db03553e656858f95f9c463a2388a67ccf8b4b96664ac7cf7e791c2ff

    SHA512

    baa9c50459aa3e60451b0488364b4213a6df99ab4b7a6887b1df78826455d54a199572f50909a0bd947ef923980145390a50788f79a9f88e18bef99ed9ed6b7d

    Download Submit