Overview

overview

8

Static

static

3

95231d0bb1...77.exe

windows7-x64

8

95231d0bb1...77.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    04-09-2023 11:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    95231d0bb122a1fcb57e7b0da3a3525e147b4a4216927b0715e780277aa05177.exe

  • Size

    3.7MB

  • MD5

    67b2742b658a0e74d4c8e05bd28e8cad

  • SHA1

    11cf62276abf83bab0cc02566c6559dbeaea6183

  • SHA256

    95231d0bb122a1fcb57e7b0da3a3525e147b4a4216927b0715e780277aa05177

  • SHA512

    7c08bb2ed48ae9ece11a9794556e7a6e0b821622db74ff5dee6b4bbc5b37e17be1954f152074bbe0ba37db2598ed3d59abf4d6c7e2e68c557b39a91e60686713

  • SSDEEP

    49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\95231d0bb122a1fcb57e7b0da3a3525e147b4a4216927b0715e780277aa05177.exe
    "C:\Users\Admin\AppData\Local\Temp\95231d0bb122a1fcb57e7b0da3a3525e147b4a4216927b0715e780277aa05177.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    f126849bf7f48793a912d2286e87e65d

    SHA1

    7288f9bd39ac4f8d798f3d84c3bfb82af2a0b707

    SHA256

    d30f1e4b9e1d7d826a708fd4d0ef4a6e9767a4df197c3d97ea151ae513f68e1e

    SHA512

    8e9c381f69d30211889e59dd0b2e42a7793c638c3ab8cc3a2e3d393e96cd3a344b2367ad0fd520c84fe6e68c07f78098a0795c7f8afb3e69c53ca2e75511dfb7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    4d63eb4a032d3f3e892e63af55e17e17

    SHA1

    828fcfce3ca3385011ce8ab95e9e62df20e4fd14

    SHA256

    06076afb1acde6831854846ce6fd276d70d10a58b8fcf47389a09ba33ddcadc9

    SHA512

    8768d8abf08dfc50320f24a2624e33cee883c7cee33c5ff51ac586655f5827498723bbece6f565eafce64ffb44d0954f603d68e8ea1f33daca01cec07248b76c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    679d21742d4960b0c2e47b43ad09f260

    SHA1

    5174e88b532fbf40c3c8ba13d621b89cb34f0176

    SHA256

    dd2de09a1cf9719c4bde21a44e67dbb9b458ac7fbbc11dd90c41fe614e5cea87

    SHA512

    e3e0ddd79ec617c58b2cfd3fd5360e1662e51ae3a457da981ebb8dda1f25a9341fbaebafeca00c97adbbbc9a268d5e5b697b51a757189d73501558eefd6b9b08

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb62C8.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb62C8.tmp
    Filesize

    143.5MB

    MD5

    57d1ad0cd26b7e6c8b8c8207b4f5d640

    SHA1

    f0c826dbdff06d6e14c23876f6331fea2ff8c054

    SHA256

    8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

    SHA512

    e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

    Download Submit