Overview

overview

8

Static

static

3

22562822d2...83.exe

windows7-x64

8

22562822d2...83.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    04-09-2023 08:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    22562822d239afdee4e975bd2ea9864cf21b28c443cda9755ea4b7cc93ec2783.exe

  • Size

    3.7MB

  • MD5

    5e1213ea57e9e994d57cd9657a11b755

  • SHA1

    cd0bd1f3ffb4b0294d9fd14cbd04d49d68e039fe

  • SHA256

    22562822d239afdee4e975bd2ea9864cf21b28c443cda9755ea4b7cc93ec2783

  • SHA512

    2e6a72a2aefeb162a5ee7cf5989d546f6439e74bfd38ed39fe40d86165ebb38d1496357606822bd225741876165b9eb45862719a959425c7a372a71025761738

  • SSDEEP

    49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\22562822d239afdee4e975bd2ea9864cf21b28c443cda9755ea4b7cc93ec2783.exe
    "C:\Users\Admin\AppData\Local\Temp\22562822d239afdee4e975bd2ea9864cf21b28c443cda9755ea4b7cc93ec2783.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    1d3fa8ed86e1e8b31945186f8aa15021

    SHA1

    16658f5d01e07115fc60b11f235081c4a29c2b1c

    SHA256

    d43ccd5b7f156f350033da942a0ddff29e9251ca987e0780cd31e5757ebe7973

    SHA512

    b878378fc4808c3698be16d336f8f0f5690a13eb542bdf3bb1506caca5c6ec74d170eeaf7b52c982b53c1d8f8d6c9680157cfe3f1b9fd66b85b4fc4964679882

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    8954eca3fa1eb8b76a0c3fa8adddcd0d

    SHA1

    5a26599e5ec6eefc07baeceecc4f123d1d2ec44b

    SHA256

    ece781bf2db49d4067ead28c072f1d8af3c335d065e8ca89022ddbbd89445446

    SHA512

    f06a9199fc6081ac0dcb91b87a6ab5617d55db27b6783d07948aded307340a00717a4c71bcbc7e00050108b269b4e87e385c44370bb9a71a6a082bf8394ba66e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3CC2.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3CC2.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit