Overview

overview

8

Static

static

3

5999d086f2...05.exe

windows7-x64

8

5999d086f2...05.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    20/09/2023, 19:26

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5999d086f2343735aa32cfe3d846ebec485880cd78ca5299cf46a1d7a066c905.exe

  • Size

    4.0MB

  • MD5

    eae04cf5bc7478fc0b67beb22bac7fca

  • SHA1

    9f0d1ab9bdeb1118d9be2044b340739a76979cde

  • SHA256

    5999d086f2343735aa32cfe3d846ebec485880cd78ca5299cf46a1d7a066c905

  • SHA512

    1eb61e5fc27c9ab6d7b03d3ddc2b8ff28a02d4d0ede241bb609d20f2be728f122879bc676fe8cb83fd8835432ddfd40f7400f35d6938565b20afa4f6a26040ec

  • SSDEEP

    49152:40N3IpkodZfdlTXKnB3nZdXarY+r5u8QeKxFOJxdb4vZKV:Z3IfZfdJXKB3nZd+KdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5999d086f2343735aa32cfe3d846ebec485880cd78ca5299cf46a1d7a066c905.exe
    "C:\Users\Admin\AppData\Local\Temp\5999d086f2343735aa32cfe3d846ebec485880cd78ca5299cf46a1d7a066c905.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2392

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\Cab4C2F.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          3KB

          MD5

          78b74a39d96893983b2d9f60dc84403c

          SHA1

          2443a3dda3ca828ed292abfbf634f4261872138b

          SHA256

          ac2fcbd01dd9cf69f9a796ee5e3dfd36a983cfc061bf51a59e58aa6cfe1ef821

          SHA512

          1d67df8e7c14281e05182e20ac317434c10531451d395da77ef055eb5215f566a4935f715ddb6c9ad463487f3229e3a26843e9903a2222bc684ce380158c7b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          a90557c4ca7a2dd90aff2bd9e17082e3

          SHA1

          ecb829a28f70fe1a5b78ffe026673b957d2bf041

          SHA256

          b2199b635969fadf10b587e1bb687a7836e5dce3053c93fb22e6787b1e459b12

          SHA512

          598a1d5b4e726e5031fc1524f58a7249798b08ea876d2410dd45649c0c4be3321b3019192334e9f0cae8d1d608e50cf678255e725ff8625f73a7a7bed44e1164

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          0966c9abe0e8cef84d1ed95b6761d1f1

          SHA1

          919d8a2bc22c65ec83ea5ae08323f19a27342ea0

          SHA256

          6d3e8a6fc09c1001ff42a57db9a5d1485f7c209c74b91fcc09a98cba67f5ffa9

          SHA512

          5bb6a995341d0ec59022dcbc50703356af20c168eb732cd449571824bd26772e198eeffe60baa7af72760eb35105af2cdab965d615d4afb51ebb50412a4bb692

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb4875.tmp
          Filesize

          144.7MB

          MD5

          332409d5436a6ae6463ff9a0b2580993

          SHA1

          71a219b692d905f5993e9a5a9b1e7d12656f4c9e

          SHA256

          def9df6478ffbafc318f98c0b4b9a49dcb900a250cf0fcd0bee91a9ac6050628

          SHA512

          06a7c353a2c17ee93208372ad03ab37a2eb492b8dfc0331a04390238e7f89650817b3ab186fd2fe49b3ff601e3a18828e2b1e3c1f6315aa82d9726f5fee90430

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb4875.tmp
          Filesize

          144.7MB

          MD5

          332409d5436a6ae6463ff9a0b2580993

          SHA1

          71a219b692d905f5993e9a5a9b1e7d12656f4c9e

          SHA256

          def9df6478ffbafc318f98c0b4b9a49dcb900a250cf0fcd0bee91a9ac6050628

          SHA512

          06a7c353a2c17ee93208372ad03ab37a2eb492b8dfc0331a04390238e7f89650817b3ab186fd2fe49b3ff601e3a18828e2b1e3c1f6315aa82d9726f5fee90430

          Download Submit