Overview

overview

8

Static

static

3

a51f6da4ee...e6.exe

windows7-x64

8

a51f6da4ee...e6.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17-08-2023 11:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a51f6da4ee19cf3dd3ab9658f8f0a75c39bfdf8bf3b0df00f9f2361b0720cee6.exe

  • Size

    4.2MB

  • MD5

    a634a3f85a554c2025a0ecadb5b0c7a3

  • SHA1

    72b73a29d6e9d202864d610cebf6d398e7b2a957

  • SHA256

    a51f6da4ee19cf3dd3ab9658f8f0a75c39bfdf8bf3b0df00f9f2361b0720cee6

  • SHA512

    46cce6bb67e3c4182ddfea8d9287173d48ba516d62dd3ea68322a676a32ce6de22d884c883b52fb08736369d2a6702c4ded6bdefa09730944071a18520b2132f

  • SSDEEP

    98304:1dh5q7noS9h6mvD1PfTLWKdzOJDb4v+q7:1ZqNJPLLlwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a51f6da4ee19cf3dd3ab9658f8f0a75c39bfdf8bf3b0df00f9f2361b0720cee6.exe
    "C:\Users\Admin\AppData\Local\Temp\a51f6da4ee19cf3dd3ab9658f8f0a75c39bfdf8bf3b0df00f9f2361b0720cee6.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    ca6f5076a1e9205ca825816cfc159ff5

    SHA1

    230206a639db254c39bb1cb6d32362eae08d0508

    SHA256

    faf8f9d4ab1f099b20c3cc496e5fd397b37cafa6c5a58ecc97b4f4fdb4e10bb6

    SHA512

    be99d5027773de19cd839013be2923776862439f0c3e32d62fd657fc6bb792346953afd64fe11ab1b57ee0d16fff438f6aecea015aa97ce00735ffd9ac1cfdd1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    8KB

    MD5

    8cb90e6b865bbdcf9a20171196665fef

    SHA1

    e39ee01f9c160ac560886ac7703b42cf9319b8be

    SHA256

    45d1692ccd795672f5168e635e6bfbb986d5607bb02bf7523fa62322db910881

    SHA512

    55e193aff21eef04f9404a90289fc7fb90aac8711920d3e1c7acd1c069d3887a7dc4833e1575190d61905d50663edebe24902732bc5bbb895778fd3d7dcd90d9

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    318bb7f0169c07d0f79bafc479784206

    SHA1

    d20644d3848629a63e796d616757b743e01c672e

    SHA256

    3a917fd735cc5ce57e12dbf17c7511f43d93226b94192488a776eb7fcc8ec587

    SHA512

    8317664f232a5a7893234804b4b9e097029c4f4ae56f3facd9eebe0c753eff41bd30257706418dc5a35bc8537766539634fe726f349c954e0d0a4a407a670fc1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7B19.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7B19.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit