Overview

overview

8

Static

static

3

6ee60b23f4...04.exe

windows7-x64

8

6ee60b23f4...04.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02/09/2023, 01:21

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504.exe

  • Size

    4.5MB

  • MD5

    26a143057d3525a10373c15278aca979

  • SHA1

    63c91319aa57f64c16c673c7b57a3e78a19a8314

  • SHA256

    6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504

  • SHA512

    3cdccf8512b19c50bd042ca4d98658175ba8b79997c522c0e640506ef2bcb5d5d40a176fdb222dc85ecdb4cd585a0d6c69c285684bdb0a0c466965fd7761f18d

  • SSDEEP

    98304:B9xEpja9gwFK2JcwtTwPAHqx+gKdzOJDb4v+:6p3tawN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504.exe
    "C:\Users\Admin\AppData\Local\Temp\6ee60b23f4bb05dbc37273d0346c6ef2182f9db35fcb5d2b808459812072b504.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2204

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          73ec6e14bcf4f156510592036ae9f0ca

          SHA1

          32a5ae48ba15a7dc6f95b7bd2803319025f637a0

          SHA256

          96de38c57e446bb674db3b75c83bc9d148156da3d0f85f1feeb94c1d1042f708

          SHA512

          ffb42459f6215d676025c9c0416539d2cf550c77ba61a51c8af33488a0d65ccfaa115be06a1738aed52d81c4f23592d9ff8123a41d2f6116012722af7299e62e

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          9609ee5d08980340cd404c23551a91aa

          SHA1

          42d14108092d8c9d4ac4120fe3f8dd0817cdafbd

          SHA256

          57c6109a70ccd79fdc68303d18ec9d18eac59c3f4e5f45e727eb160fb3e775d8

          SHA512

          a66964657c3d8d6319044eb7480d44851565f33dcfaafaec717bd40e266e1c6f7749fea421624d38e69662ee6c61ab2a23c08c5deae3a3c7e8ad67e2d35c9ed6

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb34E6.tmp
          Filesize

          129.0MB

          MD5

          db579794312316aa1138d010287a5dd2

          SHA1

          29aa232b671ea24c281ae1e8e3f4e7620f7c2a22

          SHA256

          e5104fa04845b01df203c4fd295a2183cce1f688154ef23ed73fd7b000edcfb3

          SHA512

          d67ae84449d74b5d2426943c4debd381bbb9234f7854b55d64f05472f8de5f7933bece0084bad92ef700d87b902670d5794fcec697135b6d5c22604e6a8e687b

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb34E6.tmp
          Filesize

          129.0MB

          MD5

          db579794312316aa1138d010287a5dd2

          SHA1

          29aa232b671ea24c281ae1e8e3f4e7620f7c2a22

          SHA256

          e5104fa04845b01df203c4fd295a2183cce1f688154ef23ed73fd7b000edcfb3

          SHA512

          d67ae84449d74b5d2426943c4debd381bbb9234f7854b55d64f05472f8de5f7933bece0084bad92ef700d87b902670d5794fcec697135b6d5c22604e6a8e687b

          Download Submit