Overview

overview

8

Static

static

3

c43771689a...ed.exe

windows7-x64

8

c43771689a...ed.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    20/09/2023, 01:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c43771689af9b182fa32ed8ac86e39cb27eff64961aaf69b22ac34bdf6c316ed.exe

  • Size

    3.6MB

  • MD5

    21ed192e86f89843f0378375ade013c1

  • SHA1

    21e74ef1b6872b709ed1ad53e5c42234ae341724

  • SHA256

    c43771689af9b182fa32ed8ac86e39cb27eff64961aaf69b22ac34bdf6c316ed

  • SHA512

    7492e6c480dbe14bfb6b3aea3e375f581613e36f0b2ecd8540c565e91137cb75f15d64049cb6c89ab1e438b2784594a6d45bd66aa3dcea6b59967978d757fa08

  • SSDEEP

    49152:lrz8L7/32uynnn6muQNfLguTe3B+r5u8QeKxFOJxdb4vZKVjd:N4L732uynn6mPdBKdzOJDb4v+jd

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c43771689af9b182fa32ed8ac86e39cb27eff64961aaf69b22ac34bdf6c316ed.exe
    "C:\Users\Admin\AppData\Local\Temp\c43771689af9b182fa32ed8ac86e39cb27eff64961aaf69b22ac34bdf6c316ed.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab3F54.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    15e1e48e0750e6a65e51656bd4d21bad

    SHA1

    28a298a68d782011a33db7799d0f0fa29f6b5b97

    SHA256

    ba3c7d26bf3afc49054d7ef4c21eef2ce184ee346613bff1af1a1b917db5d30c

    SHA512

    00692632ef019e678e3522105112cf483bbc7d52b4c1ab037a05d12ea81009118a61d2f70e6649a2459c699016f541ef4c1be66c58789a1a29b95f103f6914b7

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    689ef609890a3014e1d86c4f990a2852

    SHA1

    7036b4065faaaa7468831f4e917f2071d8c55477

    SHA256

    67f4f4bb64754022b83d8c53ca4c816bb2f0edcd3bc0ac593c2a28b8712e9b2d

    SHA512

    60f1f188f757f86d0c36ffa0a131d3fe482d4ecc0b5fe713af122d0bbb9be91aca640d7668f4a2e718c80243476ac4476f1e0fec39ec94798ecd433ed0a7271d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3B6B.tmp
    Filesize

    142.7MB

    MD5

    df9f1df94be242d3871a2445ad7d85eb

    SHA1

    b45fd9f913a7b05ceb1664db8dec4f9f13bd6dae

    SHA256

    a09fade8a1fb8ecd19071f15eeab5b1ebe7222979fe9abc8b78e1b89fe4838c2

    SHA512

    36e7215b7bffffb4e4967a5988f5108167945a324b88088016712f6ba1e31cc9085be52fb83297e249685856ad1efaa40f37b4c916d555c509b32c91149415b5

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3B6B.tmp
    Filesize

    142.7MB

    MD5

    df9f1df94be242d3871a2445ad7d85eb

    SHA1

    b45fd9f913a7b05ceb1664db8dec4f9f13bd6dae

    SHA256

    a09fade8a1fb8ecd19071f15eeab5b1ebe7222979fe9abc8b78e1b89fe4838c2

    SHA512

    36e7215b7bffffb4e4967a5988f5108167945a324b88088016712f6ba1e31cc9085be52fb83297e249685856ad1efaa40f37b4c916d555c509b32c91149415b5

    Download Submit