Overview

overview

8

Static

static

3

86b88af34c...8b.exe

windows7-x64

8

86b88af34c...8b.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    123s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01-09-2023 18:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    86b88af34c9805fe9dc63e6cbd944029000113676a233845d53081688052638b.exe

  • Size

    3.7MB

  • MD5

    cbd9d3228030fb27c1ef7ac7b1e1dd6e

  • SHA1

    b5412694e482e1d48bacb8f8e6453a36507f4503

  • SHA256

    86b88af34c9805fe9dc63e6cbd944029000113676a233845d53081688052638b

  • SHA512

    603edb8dfce635928ec1fc7c774ad48bb52a0dbdb5d0573c2325d6303e2cd4d9076324adc93678b8cc9524c0965e4a1d2fe10a799a7e9f8fda00815dfe99425c

  • SSDEEP

    49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86b88af34c9805fe9dc63e6cbd944029000113676a233845d53081688052638b.exe
    "C:\Users\Admin\AppData\Local\Temp\86b88af34c9805fe9dc63e6cbd944029000113676a233845d53081688052638b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    2275d67ab9d008c99dee8306360b735e

    SHA1

    cd8d6e22232cfcf79ab60fd2c3e72f9fc0c612ea

    SHA256

    2d4bbf731e90391dee95a8ace305f6f456512bf60de17b0c95007f3b85139f46

    SHA512

    d5da1770646f24d5e3351383310adc2b5ce5c5a6eab55c81a81d8544e29561e71f8452c916559850ab3757e5da2c26fd084f0c781f7332a0d5a8feed38b6480d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    2275d67ab9d008c99dee8306360b735e

    SHA1

    cd8d6e22232cfcf79ab60fd2c3e72f9fc0c612ea

    SHA256

    2d4bbf731e90391dee95a8ace305f6f456512bf60de17b0c95007f3b85139f46

    SHA512

    d5da1770646f24d5e3351383310adc2b5ce5c5a6eab55c81a81d8544e29561e71f8452c916559850ab3757e5da2c26fd084f0c781f7332a0d5a8feed38b6480d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    b347bc838db065322e2208337341696f

    SHA1

    0301c9d23b73c254285d67a38fb327f586734014

    SHA256

    05576b294c513c00aab4c3b644dd583c1bc5b8d3a5c12c92ff0e2d926e04238e

    SHA512

    a54c28dbae2f7a4ac6866e1e8ed4067d5f1b030502693f9504cfbcc53896e36682515b3c58e5f75d86117c750f088e297020c15c417f55da4763ee4b171f4524

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb47AA.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb47AA.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit