Overview

overview

8

Static

static

3

36fa5d0c8b...b1.exe

windows7-x64

8

36fa5d0c8b...b1.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2023, 15:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    36fa5d0c8bf96e2e8a5e5c6b00df4a40a0ee51c1dbe7acf6a59d2b78577631b1.exe

  • Size

    4.2MB

  • MD5

    a3fab90af0c63dc7a94a2b420143a206

  • SHA1

    1db0cc26af5769c2fa1272bc8200deba0517fa53

  • SHA256

    36fa5d0c8bf96e2e8a5e5c6b00df4a40a0ee51c1dbe7acf6a59d2b78577631b1

  • SHA512

    6c814f7b89e15a9d7b45b808e0699437fc2504cbac1d5724634a4759e0dda265d627b0a0849b3f6ee356ff5e0c120278383d79aceb26ce5912264fa464e5daf8

  • SSDEEP

    98304:1dh5q7noS9h6mvD1PfTLWKdzOJDb4v+q7:1ZqNJPLLlwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\36fa5d0c8bf96e2e8a5e5c6b00df4a40a0ee51c1dbe7acf6a59d2b78577631b1.exe
    "C:\Users\Admin\AppData\Local\Temp\36fa5d0c8bf96e2e8a5e5c6b00df4a40a0ee51c1dbe7acf6a59d2b78577631b1.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    7ca1911fc257c593e4e1b9bfa0f57b4a

    SHA1

    a4390ad3918ac90bbb5ace692dc0751f30c64a19

    SHA256

    4de55b7631606cef2a07b0a00a10301cbf1402e4bebae438d854707e90a5a2c9

    SHA512

    30ea75fd2e6b5ed17ad1da81e9f7c6ed61785b1ded4c7b589918f11c7d201fd5d2bddbfba5606147a8b770d9d3339505c1339a9ffb12e8059cb4940b667b312e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    e56cf280acdf95a4c0e7192ad36f74f9

    SHA1

    f6b2d84d19f742b46c568e00850a966295f98793

    SHA256

    dfa96f611826ec4e265260f4c17be59bb08452e8f829a7d9452610a22b96dd61

    SHA512

    d441c7efe8bef33ba403dcd0f373975c4a1c6c05b2dba582527a477f35c7201505722dd11c0d4f8b000e2c32230f0d7b649ca805bfdb9dad662708c4fa8dea80

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    82341cc83d664f74cb39fa6574681e7f

    SHA1

    4d90e83db9d93caada8b0ae452d7b9eccb6566de

    SHA256

    29f472ef67d59cdb8c72542d5007f38961bea5c96d6c3fc985cb2863f6003d93

    SHA512

    65511c3f43ea4fdd74ad374074a711b22616e4046051cabc6b58b826c280be955643a91238dda1dfb55bb3c605a9137825c420b2b50294615ecee75caf74dc43

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb80E3.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb80E3.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit