Overview

overview

8

Static

static

3

def10424ef...47.exe

windows7-x64

8

def10424ef...47.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    18-08-2023 16:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    def10424efeac0cc92caeacce86a89eab2b776f4044ac58c4723425ded0d7a47.exe

  • Size

    4.2MB

  • MD5

    4a1ebf92cfabe5c26c5e6b6c5fdb492b

  • SHA1

    a4204c99d388ad6f1cd8f347d6144b7f0464bc29

  • SHA256

    def10424efeac0cc92caeacce86a89eab2b776f4044ac58c4723425ded0d7a47

  • SHA512

    e4ad068794ff637a98cc3ca69f6ac5acd2d9405a9881c591c444ee5894156ad31c75d2545272c01a339cc1a5080fcaf356458338b296df9914305aa577014bd3

  • SSDEEP

    98304:ydh5q7noS9h6mvDrQqBZm5LJKdzOJDb4v+y7:yZqNvQk+L0wN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\def10424efeac0cc92caeacce86a89eab2b776f4044ac58c4723425ded0d7a47.exe
    "C:\Users\Admin\AppData\Local\Temp\def10424efeac0cc92caeacce86a89eab2b776f4044ac58c4723425ded0d7a47.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    d69daad45bf43fe1e70412647f2319a9

    SHA1

    d6bc0da2ec535a24fe08fc6cfcef1c8602ac0c13

    SHA256

    fd82524dd8fbe0ecde72bbd5e04ffb351bef6343dbd23752174e603490131f79

    SHA512

    387bfda4e648b80240bda060cdd445ee4579df8f17114ac982f56a7e948b3c64ec62d9df29c5249e5eff16fd184f2d56daba2763e681816b59ce28eacc61c702

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    c2cd360db394771807158fa5b5940b56

    SHA1

    e0d58b53264eb2524b8a0a94ae8f31eb4d4c1d57

    SHA256

    239cffa78f8b10169c87c004d305537892f102b9e35749d917bc35884fdef000

    SHA512

    e365303b7401ffcdd048e002a9551d453ba6bbaeb0b09e0efbe2883e5b8c1f8b57d7d309b2298b45d173639a478181d07d4234f15834450b12f76e53059c6236

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9A6B.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9A6B.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit