Overview

overview

8

Static

static

3

16533b7f7f...ae.exe

windows7-x64

8

16533b7f7f...ae.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    21-08-2023 17:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    16533b7f7f79bf9571845b8042b8e6330e4da6715fbb860469fff8e37d0cf9ae.exe

  • Size

    4.2MB

  • MD5

    04dbedd371210acf1f474d3318fbddc0

  • SHA1

    b724d54e3f2701e8903f11f2c3829ef458d395d9

  • SHA256

    16533b7f7f79bf9571845b8042b8e6330e4da6715fbb860469fff8e37d0cf9ae

  • SHA512

    696d42b913e29cd45a6910ebb08d4819d99df161e411ceffd42ab88b59950316668164b189a67e2bcc023233c4839080bd6a49dc9d16e55df1c9de398eee9493

  • SSDEEP

    98304:1dh5q7noS9h6mvD1PfTLWKdzOJDb4v+q7:1ZqNJPLLlwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\16533b7f7f79bf9571845b8042b8e6330e4da6715fbb860469fff8e37d0cf9ae.exe
    "C:\Users\Admin\AppData\Local\Temp\16533b7f7f79bf9571845b8042b8e6330e4da6715fbb860469fff8e37d0cf9ae.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab9550.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    8e9a5d5cc24fac29e22a39708aa8b0ba

    SHA1

    1206be12f9957fdc67eafbba6c65dd575bee2e62

    SHA256

    1c4af8cddb016f060c8155aaf81ce0d473790c6b7344a6d2b05e72c98dffad66

    SHA512

    5a707bbb259e639af9e4302038da92f20530ad19ea13c43a79f62526a90631afb32f785d9beb1cdbee6e0f3a5abf31344e543ab9008e00338c80a9216f7d3fdb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    88152676e5f724ba12750a70aef49917

    SHA1

    4e8b07d4dd5df7e2b39d1b980b305e8ce4ed8689

    SHA256

    698533199bbc93907fbeaa501b2fb8359d4d50e4c635ad9b45c7d1dd7a86714b

    SHA512

    8d53a30113ec4f5554ac4917c1aa56749b3fce33fd709294d23a2a49d52444e92376fcdcea3e5f530e4e0e679eeee33f25707112f5bc4bb6dc29776230136cbb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    5bde664323c1f9fc4d25715a4d397c45

    SHA1

    3d05fa2f9d9ee448180a1fac7e7da93f5f88ef0f

    SHA256

    83c7cde923851978a13af45c0df8f7669693c42b64c53c2b7043e0c69793f3d3

    SHA512

    3234ab35dd4da9c803ad8a8fd58b6fe6d3f7062ca7c6e13fd2097d094607a2ad1333a6ea340494f9f97fbb172192334248b4fd642515c1c5352ac075e9b6caf3

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    617c47541c3089895f511c80874c66e6

    SHA1

    d87362d48b198c487bcd42d7747595eec5e30b9e

    SHA256

    1be987281b22e3f2fcafc26f9d3dc6c3de2db39fb967ecb956ccfc357d41c413

    SHA512

    671f647af95b0a075419d23e7777feb7a89917ad89d8aabc5a34bbe9469bd4087a52c464362564602c87b128c38e078f58864e0ff9cc45b36e2f9fc71c7c3dae

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8F25.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8F25.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit