Overview

overview

8

Static

static

3

f5ca2cf5d8...ea.exe

windows7-x64

8

f5ca2cf5d8...ea.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2023 16:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f5ca2cf5d8a27eb3a7c1fcae5179bc11bcf700fd0c40bcc25cf36630adc155ea.exe

  • Size

    4.7MB

  • MD5

    19472b04064e334147087007030d2d5d

  • SHA1

    d449f3beb6c6ea86bb7aa96940a00c79335207c5

  • SHA256

    f5ca2cf5d8a27eb3a7c1fcae5179bc11bcf700fd0c40bcc25cf36630adc155ea

  • SHA512

    a18f548e77798c8c05e65b9936fe6968e144ca92d0f43b9c73fb9086fe785a93932d0216e3c9d5008dc49eaa0d1b2af74e23b1aa0f37375eecba8e9fa89213bb

  • SSDEEP

    98304:/TKOZx36bjNOhhgQYKnoyWFPKdzOJDb4v+t:mOZxgQxnXSSwN0v+t

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f5ca2cf5d8a27eb3a7c1fcae5179bc11bcf700fd0c40bcc25cf36630adc155ea.exe
    "C:\Users\Admin\AppData\Local\Temp\f5ca2cf5d8a27eb3a7c1fcae5179bc11bcf700fd0c40bcc25cf36630adc155ea.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1572

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    992f89ff20a8c23890dfc1e30027bca4

    SHA1

    647ba3ef28b4f7ccd79f917fbc7cff110b277d99

    SHA256

    2002feeebe84d7cdba576b13e8461adbfc1810813f72ec392a927a2e7f6a5873

    SHA512

    bdd890d50e417e114d16d2655f822062eead0ea1bf07c7e8dd43a0efda51e2c35f2bc099210717d29f4b2c292a6833f6fd4dcadd546b9c0abc8f14529ae9b301

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    df1af56ef7adcd139d73a76985d32e20

    SHA1

    d913c90faf878f83e522445a9f4826d3ccc3091c

    SHA256

    5614cf7c73624ee7bacdb4f94793168f985f6fdca572b6a74dfafa413deeffc3

    SHA512

    b875fdb7d53aef46e66f8d4bb5aa2ef073612d950de9514f804af32d474c26f32361a32a03f27e2d75912e51bdf7d0b99eb17e5287cf3bf258c9fb758cb302b0

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d7a47d90e6874daba54f4f2d9047d670

    SHA1

    3ab591968f53143cb4eb77f8e6ff2412437e7f41

    SHA256

    a4c2d17f8ce74ac711c751bc986d003492e1e71bd581b24477dba6d6f44792ba

    SHA512

    ebae08b5fdb9888aa3c24599739ccc8410b3bcee37119be96dd7b5b8c92d00630af4e87476c4c993eae3d19512586677d0b66304135a8a753fa201136428a6c7

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8288.tmp
    Filesize

    141.1MB

    MD5

    4b064c5871e7c30578a34b0ecee0bb11

    SHA1

    0789168e667f725e8ff3b458f7c888ab5d6556cc

    SHA256

    7db571ad802800f1571dda9131a46b921685500bc09c3e8431f22f3da1c72b1e

    SHA512

    e1c84a7ff5603834f92d375dc9d28e3726647cb43e43a08e6e104cf31e073e7aa36a1a31f654b0b9ded5a10a19ccd80674a9c7dde37e1c081d1e2459be4a46cc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8288.tmp
    Filesize

    141.1MB

    MD5

    4b064c5871e7c30578a34b0ecee0bb11

    SHA1

    0789168e667f725e8ff3b458f7c888ab5d6556cc

    SHA256

    7db571ad802800f1571dda9131a46b921685500bc09c3e8431f22f3da1c72b1e

    SHA512

    e1c84a7ff5603834f92d375dc9d28e3726647cb43e43a08e6e104cf31e073e7aa36a1a31f654b0b9ded5a10a19ccd80674a9c7dde37e1c081d1e2459be4a46cc

    Download Submit