Overview

overview

8

Static

static

3

f531a3adae...01.exe

windows7-x64

8

f531a3adae...01.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    165s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17-08-2023 22:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f531a3adae5cc81978238b7f5c36b4a04b7ca76becb2dc2768dbbceff1028f01.exe

  • Size

    4.3MB

  • MD5

    6d67b16183fd11ebb0a65119becdc537

  • SHA1

    0819eb5a597c22ad1d79da41f336913855f07578

  • SHA256

    f531a3adae5cc81978238b7f5c36b4a04b7ca76becb2dc2768dbbceff1028f01

  • SHA512

    04a1cf5443ded5c79fa39dca96c076a8c64441fbae3add12a3a0f31349625c37d308631a7a41294aed089a49e765e534ff9c6f6253c08f3e5fe4cc840a1fda2d

  • SSDEEP

    98304:/OLHzIDtxDSK2Qi2D1jmyEXLvDKdzOJDb4v+:c2REXL+wN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f531a3adae5cc81978238b7f5c36b4a04b7ca76becb2dc2768dbbceff1028f01.exe
    "C:\Users\Admin\AppData\Local\Temp\f531a3adae5cc81978238b7f5c36b4a04b7ca76becb2dc2768dbbceff1028f01.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2804

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    4ba6c81715114a6154df5af5baf6bc74

    SHA1

    3add5a0dc30987f5c423530aa0f073e1c8e54727

    SHA256

    dd295c3f65b0ec45f956a204231f9c4e9f43a7000a00eb922b475d0bf10fa54a

    SHA512

    2fa60d86128bc80d385f0a27b473f17213087d606b3f7135120638f177c02cf5e90986a4867848e9bda8611b8082eaa644881a50f6ae6aac072f8aa4ecec2ec2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    5a7b9a27183526c05366ee0048793507

    SHA1

    9bdaa2aae0e1f0f71a1c8e079a684d15fb8f88bd

    SHA256

    9d49391af27c1d82d643a9bf4bada1e070d0c14474d3cc4bf0a7597f2c875a1e

    SHA512

    0348d0f889fb9aaeafe6fe3ce19766665e633f5687b23d34ac167d09f6f625ae4b09cf30aad2b67168796e4b41ea8c9bd3e427d3c264c9803ebba2cca28f9fed

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d45e2db68ae597d4e632f3b87895a33a

    SHA1

    c5bc0a03d5b4d4006469473bc916925e0e785b5e

    SHA256

    e424984b24cce10bd82e3f8e94bbb18bec9ae41a9345747c2da4800daa6f79c0

    SHA512

    2431aecebe814f7b9ba662d25fe271aa922b1f7b8a062e8157cfa40743b4ed700ae5cdc5f8e260641742c8fa13c89f29196edfdf1123534fd3dda4844748bd68

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybBFE5.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybBFE5.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit