Overview

overview

8

Static

static

3

e105c341a1...d4.exe

windows7-x64

8

e105c341a1...d4.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30/09/2023, 20:21

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e105c341a1e6d21ee84eb2c46b91031a202053f5bae7a4308bbd0d8576d685d4.exe

  • Size

    4.6MB

  • MD5

    b896b44b0504d4ecb5c211270b96955c

  • SHA1

    721cc5b59439f2fbdd8d0d42752b79a7af070e3b

  • SHA256

    e105c341a1e6d21ee84eb2c46b91031a202053f5bae7a4308bbd0d8576d685d4

  • SHA512

    d4342487d6139b328f96005512c49b8c9bc866e9f04c880cca20838c6b5796c7e03644b7a47c6a3bc66101c8b784a5c5c3371e983e170033acf0033f15521576

  • SSDEEP

    98304:WG1c5g+Wm3n0tQLCcvITqy9KdzOJDb4v+:KgALCoITqzwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e105c341a1e6d21ee84eb2c46b91031a202053f5bae7a4308bbd0d8576d685d4.exe
    "C:\Users\Admin\AppData\Local\Temp\e105c341a1e6d21ee84eb2c46b91031a202053f5bae7a4308bbd0d8576d685d4.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2368

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          1KB

          MD5

          5245ce3f6564846b7463b3a1092e99d1

          SHA1

          d03bad65627c7aa25442f9cb7475f71d98ab0578

          SHA256

          7f24353168e6388f0ccd20fdb53361ada2a7e37f3960281be9c5b7e4777dd15c

          SHA512

          c597d1162bfe4c3fad151bc50a323fdb5b963b426d58ddd051ec17345b27272abae6f373367c207ba905502aeee108a2c0653a6144b29210742b78d1e248a5a0

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          3KB

          MD5

          6f2fd366c228f3fe75dccc64fc94f2da

          SHA1

          507e0621e9f8d9ac25d7c91e9ad8edff8398f84a

          SHA256

          9852c340526801303001305c9af531868569c01e6872435f1cfb37a83d2f1a0c

          SHA512

          642ee22b363d49f5bedc6970a3be2c975b9c634610626d119f2552d4f2821ac8f4d006ae6cb7d65c370fd779a560f0b8a5a1836b684d19e430b5ce94f8382fd2

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          7KB

          MD5

          a0c1d1c3504bc93dabbab32b303cf9c1

          SHA1

          18656dcb6125c8d08d992940944055c8c0e2bb12

          SHA256

          8f1e1919a006d97ae4320e9a0d825831c5e00a4f5b4f2df02f0d0e74d2df70d2

          SHA512

          2c3a31f9e33590a718e41715aa3580068e4f852a9015a43a98f47b426c3476bf1ebe45bdc49ea0de2d58a454ba48b484ae7376fd84f28266529c2ebbe2390358

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          2f295004962566656f97210d5c1372a0

          SHA1

          cca2b6c78d44d58ccf899f32b050be2baa7f27ff

          SHA256

          3cfabbddc124ce62287492eb13c8c8f792272e5c55709cd6bdae82b95ae43a3e

          SHA512

          3e317d4593cdaa4e9c13e7722594fdc51b82b10425b91336256a42e05b68d066f64c971922d29667bcfedeb88d18adc3bbb5771ce7e64264aad3d93a13288b40

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb3505.tmp
          Filesize

          153.7MB

          MD5

          1dd33122a828803ea9d060045a3435e3

          SHA1

          b57436341452a60d4df59c070fd9e14d88a7cd9f

          SHA256

          c19338e7062089af74835421b2f74f3eab5ddee46fc3bc84d03e3ae5d37a525c

          SHA512

          fd371d1b8adce266913af63826031cfcacc26e9f7f159c3fa4d7554e3bf3888821c4a0a0b4c9dadd15f2350f34b6baa72c2f3dc990a32329bed16e62601fb904

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb3505.tmp
          Filesize

          153.7MB

          MD5

          1dd33122a828803ea9d060045a3435e3

          SHA1

          b57436341452a60d4df59c070fd9e14d88a7cd9f

          SHA256

          c19338e7062089af74835421b2f74f3eab5ddee46fc3bc84d03e3ae5d37a525c

          SHA512

          fd371d1b8adce266913af63826031cfcacc26e9f7f159c3fa4d7554e3bf3888821c4a0a0b4c9dadd15f2350f34b6baa72c2f3dc990a32329bed16e62601fb904

          Download Submit