Overview

overview

8

Static

static

3

525e75b5eb...cd.exe

windows7-x64

8

525e75b5eb...cd.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2023, 03:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    525e75b5ebe62509d22e82a3eac6ed4ab6bc579da16bc93c39744235e66440cd.exe

  • Size

    3.7MB

  • MD5

    cdee09b91be5ba6afa02942ce8a51824

  • SHA1

    fa0b88289f2da2f30196a8c3a9be41b8c7fd991a

  • SHA256

    525e75b5ebe62509d22e82a3eac6ed4ab6bc579da16bc93c39744235e66440cd

  • SHA512

    53fa723ce269373da58499d5e7e0ef5e0fd1cc92f1ff28e478b74466355574887c031c470705993c96012355ae1911e597d1b774321ffb375e9b7251ef3f5055

  • SSDEEP

    49152:U1bxkLHnzIDgeLxDyLK2QiiG2NtpnB+r5u8QeKxFOJxdb4vZKV:COLHzIDtxDSK2Qi22KdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\525e75b5ebe62509d22e82a3eac6ed4ab6bc579da16bc93c39744235e66440cd.exe
    "C:\Users\Admin\AppData\Local\Temp\525e75b5ebe62509d22e82a3eac6ed4ab6bc579da16bc93c39744235e66440cd.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    cfef9dd3d52ff8836d32c7ca3ae5987d

    SHA1

    637978447168576d9dea06357c7f4c71860cf6ff

    SHA256

    e909b2f05d3f251e4def07e7076cadf90daba9190bfe8a726137d962c323e0b1

    SHA512

    5d392b8a6f569eb16f5e8ad8d1539d7b09d370f00b947a2f359e29b525aeb0208e93696ec34b84c304dd947c462dc78dee1d25e4e6fc551803963a9241347c46

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    090c4a84384808fbb77225536ab4c05e

    SHA1

    bd4628874c0adcbe0f294050cb7828d59f628bcf

    SHA256

    780815c54071a2d3f00e1cf34451ffab7d0d966ef4d7f958e9148bdddaec5043

    SHA512

    9d8089d5df8d152d09937ee62a547cfe349f4e932d59feabb8eb16e91fac781bc0eb03e560196b1ed1517016c04ddd2a113572cc09184e7aa3b96a0b56af2d6d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    5c156ca91432cfd1cd884a050ac79540

    SHA1

    0e204c592d7e24f84a02e843cabe7842fe909cc4

    SHA256

    ebb6528ca89f13bda939ff2c4e779c69b60fbe6cccc4a4ff558bcf54d62c6cd1

    SHA512

    6c499002fa0893c6d9430acd2afa270372cd20834a241de44f4a7b327e9e1b187f92893419dbafef16ab285589761eccedfc7307788b6f8b86073b1030c0a694

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7E92.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7E92.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit