Analysis

  • max time kernel
    106s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250619-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20250619-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02/07/2025, 19:24

General

  • Target

    3b0797ff465d975d7660453fc8f389de5959ecc0031142bbbd5bac4c4910ccbb.exe

  • Size

    9.0MB

  • MD5

    ae53c93ca5db9204fd20ee710ffaedbc

  • SHA1

    fc8572eb3888406ec5d7da8a95a4ea6407c75123

  • SHA256

    3b0797ff465d975d7660453fc8f389de5959ecc0031142bbbd5bac4c4910ccbb

  • SHA512

    39ed41eb3f6a7014f58a3a970ca3c474c69d3b4bbcf7d931ddffcb8449a1fa75bcfc920c0ec1cd961f4285f819f93c9cfeb785ec76e344e7506f2647f8090085

  • SSDEEP

    98304:gt2MIp9vm4n4xNTEY9xFUkcVwNSHfbv/kaIhThwMlEu:Wcn4NTx9Pe20/zkaiuMlE

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b0797ff465d975d7660453fc8f389de5959ecc0031142bbbd5bac4c4910ccbb.exe
    "C:\Users\Admin\AppData\Local\Temp\3b0797ff465d975d7660453fc8f389de5959ecc0031142bbbd5bac4c4910ccbb.exe"
    1⤵
    • Downloads MZ/PE file
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:4860

Network

        MITRE ATT&CK Enterprise v16

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

          Filesize

          2KB

          MD5

          9c532044bc00af45e40d04833ef4aec8

          SHA1

          19286a5fefa8272677c87ab0253864c56c26ee77

          SHA256

          86849e4117cc96fec8d3954a81889637c0b846e71ea19b6f7f42a31d3ebfce97

          SHA512

          45b0e06c0215433b44c1676891452ee692b5e70384f00541a9c658706422fee4185589f9cb2abdd2e8d37878ceb097c19e519a056772bb08c1c8de828c1af5a0

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log

          Filesize

          7KB

          MD5

          bcca0afcc2940a8b8d16ca95ca16eb1c

          SHA1

          a40c39e289e51693ed19f9584b1eb7c044852743

          SHA256

          8b124ed39c790eb7ff43b086245412ebf29945e3460fbd8d9c19801b7ba58c91

          SHA512

          3bbb1356720057f5a7b79e9b95e203ad1b5cdc2bd50c2f706dce26cbc7d2c246b74e876ff5e7abf2b1c485f90387618209cdee5977471be70c89b9a1130063dd

        • C:\Users\Admin\AppData\Roaming\Yandex\ui

          Filesize

          38B

          MD5

          27df2185e47bf463168ac207ec92ce18

          SHA1

          6d67963a5287be35c534699c5c9ea0c86c71882b

          SHA256

          e84daf7b6d347469aa9c7c884bcc7ffd437c96ff33a4abb60ab1e109c132a4db

          SHA512

          761bf715dd0035843de4ab8456083225f83d1af257ccd931cfdbb91aaa7726254a8a56e8a0be4f65fcfdd09070cf22139555c64bbda6a1c127c7b466070d58f8
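
The dropped-file table above gives four digests per file but not the file contents, so the practical check on a suspect host is to hash whatever sits at those paths and compare against the table. The script below is an added example, not part of the sandbox report and not code from the analysed sample; the hash constants are copied from the table, while the `DroppedFile` type, the function names and the sample bytes hashed in `main()` are this example's own constructions. It also surfaces a detail of the table that a path-only IoC list would lose: `lite_installer.log` is listed twice with different content.

```python
"""Match a file's hashes against the dropped-file IoCs in this report.

Added example; this is not part of the sandbox report and not code from
the analysed sample. The hash values below are copied from the report's
"Downloads" table. The bytes hashed in main() are constructed here for
demonstration and do not correspond to the real dropped files.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class DroppedFile:
    path: str
    size_desc: str  # size as printed in the report ("2KB", "38B")
    md5: str
    sha1: str
    sha256: str
    sha512: str


# Copied verbatim from the report. The same path appears twice with
# different hashes: lite_installer.log was captured in two states.
REPORT_IOCS = (
    DroppedFile(
        r"C:\Users\Admin\AppData\Local\Temp\lite_installer.log", "2KB",
        "9c532044bc00af45e40d04833ef4aec8",
        "19286a5fefa8272677c87ab0253864c56c26ee77",
        "86849e4117cc96fec8d3954a81889637c0b846e71ea19b6f7f42a31d3ebfce97",
        "45b0e06c0215433b44c1676891452ee692b5e70384f00541a9c658706422fee4185589f9cb2abdd2e8d37878ceb097c19e519a056772bb08c1c8de828c1af5a0",
    ),
    DroppedFile(
        r"C:\Users\Admin\AppData\Local\Temp\lite_installer.log", "7KB",
        "bcca0afcc2940a8b8d16ca95ca16eb1c",
        "a40c39e289e51693ed19f9584b1eb7c044852743",
        "8b124ed39c790eb7ff43b086245412ebf29945e3460fbd8d9c19801b7ba58c91",
        "3bbb1356720057f5a7b79e9b95e203ad1b5cdc2bd50c2f706dce26cbc7d2c246b74e876ff5e7abf2b1c485f90387618209cdee5977471be70c89b9a1130063dd",
    ),
    DroppedFile(
        r"C:\Users\Admin\AppData\Roaming\Yandex\ui", "38B",
        "27df2185e47bf463168ac207ec92ce18",
        "6d67963a5287be35c534699c5c9ea0c86c71882b",
        "e84daf7b6d347469aa9c7c884bcc7ffd437c96ff33a4abb60ab1e109c132a4db",
        "761bf715dd0035843de4ab8456083225f83d1af257ccd931cfdbb91aaa7726254a8a56e8a0be4f65fcfdd09070cf22139555c64bbda6a1c127c7b466070d58f8",
    ),
)

HASH_NAMES = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Return the four digests the report lists, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in HASH_NAMES}


def match_iocs(data: bytes, iocs=REPORT_IOCS) -> list:
    """Return the entries whose SHA-256 equals that of `data`.

    SHA-256 is the identity; the weaker MD5/SHA-1 values are only used
    for the consistency check in verify_entry().
    """
    digest = hashlib.sha256(data).hexdigest()
    return [e for e in iocs if e.sha256 == digest]


def verify_entry(entry: DroppedFile, data: bytes) -> dict:
    """Compare every digest of `data` against one table entry.

    A SHA-256 match with a mismatch elsewhere would point at a typo in
    the IoC table, so results are reported per algorithm, not as a bool.
    """
    actual = hash_bytes(data)
    return {name: actual[name] == getattr(entry, name) for name in HASH_NAMES}


def paths_with_multiple_versions(iocs=REPORT_IOCS) -> set:
    """Paths listed more than once with different content.

    Matching by path alone would miss this: the sandbox saw
    lite_installer.log in two states, so a host may hold either one.
    """
    seen = {}
    for e in iocs:
        seen.setdefault(e.path, set()).add(e.sha256)
    return {p for p, hashes in seen.items() if len(hashes) > 1}


def main():
    # Constructed sample, not a real dropped file: the report does not
    # include file contents, so this can only demonstrate a non-match.
    constructed = b"constructed sample bytes, not from the sandbox run\n"
    print("matches:", match_iocs(constructed))
    print("multi-version paths:", paths_with_multiple_versions())


if __name__ == "__main__":
    main()
```

On a live host, read each listed path in binary mode and pass the bytes to `match_iocs`; a hit on the 7KB `lite_installer.log` version and not the 2KB one (or vice versa) tells you which stage of the run the host reached, which a path-only match would not.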