Overview

overview

8

Static

static

3

d307f9f341...e9.exe

windows7-x64

8

d307f9f341...e9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    19-09-2023 18:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d307f9f341913d3dcd93f7140a209155e77eca1d9479265a8e1fa616cd0c08e9.exe

  • Size

    4.6MB

  • MD5

    4d08e51e39c96e9cd9d6735b8ed56b8b

  • SHA1

    6e840fc7d7ec4d226c342d021133e913bb64ce18

  • SHA256

    d307f9f341913d3dcd93f7140a209155e77eca1d9479265a8e1fa616cd0c08e9

  • SHA512

    98963d6c2d6c9e7811dbf264605232bd076c27fa6e1f20dc6b1cd797b6affcd7c8c804984e4241be891bd405d5769afce05f218f747b46e472f758835c57b2f4

  • SSDEEP

    98304:fcOxoa2orK2t+Gwo2xaWJWRzSKdzOJDb4v+:Tos2oWJWRzxwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d307f9f341913d3dcd93f7140a209155e77eca1d9479265a8e1fa616cd0c08e9.exe
    "C:\Users\Admin\AppData\Local\Temp\d307f9f341913d3dcd93f7140a209155e77eca1d9479265a8e1fa616cd0c08e9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    c79b34b0c52e5d3436d9dddd7bc9894e

    SHA1

    a049cf54275eeed8cc9544ec1564354b5c722656

    SHA256

    206c899e87ad1d2f9963c6d3f4bd4bcba1b579d02198a117f2626ddabd917171

    SHA512

    ed18978e05d1ba22b8e95e5409a51fbd46f0f4741a246101874a5709df66f0d88315b2724943648ca4fe947516d47d804944e1d3a6c6d4dbf36d624870dded28

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    b043c50f25b4cf0945e3db1cc696c55a

    SHA1

    664e2ff450f335689c8acb3f5f10942fb969935f

    SHA256

    516edf25d75b3c06e4d2dac6ddd3389f89bb1411f1a372b467e340ef3b1df9e5

    SHA512

    ccfd24616267b7617bafe34e150c8613fc903cae61e65841070feaa9c4a4a1d22ef6bf5ee65d77f65582a1a5a37d03be4088e46948b5947ae45c39dbe93112ae

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    e53f255a92012a3914718cd6f71adf85

    SHA1

    f8fc6351830b2456d323130b760e3fe4b6b8db9f

    SHA256

    c6f5454972be1de0c9dd1d6f4e48d55ff9f1d501a7695d02b9dacb8102c3bbd2

    SHA512

    19583ae0ace281236b7f15a89db44d1c0cda8dd0b7a9b39468dbc2c84094aef8ff02318c6d3157687f3f689bc66d296a8a0858cbfb63c1f52d57f8c79e1a46b6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb2E12.tmp
    Filesize

    129.4MB

    MD5

    fd393feeeeeb67ed7320afad9e80a57b

    SHA1

    50a8cfd1827cc40f797ec57444d6b18c2927d036

    SHA256

    4cacb8d862e445920fde6ab27f6ad7817af6ca9f8de760e491f6cb2ce060bb73

    SHA512

    73b6d99c23a50d550390375fd3929ce3a2ed22ce1f5c80b9fd85ba6c76543ab0571c98b412f5b20933d01bf55cf00f7a3a8f74fccbd55c7ad561c7ab5f7d1eab

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb2E12.tmp
    Filesize

    129.4MB

    MD5

    fd393feeeeeb67ed7320afad9e80a57b

    SHA1

    50a8cfd1827cc40f797ec57444d6b18c2927d036

    SHA256

    4cacb8d862e445920fde6ab27f6ad7817af6ca9f8de760e491f6cb2ce060bb73

    SHA512

    73b6d99c23a50d550390375fd3929ce3a2ed22ce1f5c80b9fd85ba6c76543ab0571c98b412f5b20933d01bf55cf00f7a3a8f74fccbd55c7ad561c7ab5f7d1eab

    Download Submit