Overview

overview

8

Static

static

3

d5297bcd34...d1.exe

windows7-x64

8

d5297bcd34...d1.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2023 21:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d5297bcd34c876cf7dd08a210908e10ff4958624f6a280bb970c72332ecae5d1.exe

  • Size

    4.6MB

  • MD5

    353bc6ee48805d3f7c389743c0dcf18f

  • SHA1

    b304702aa8e077e1ac33385a0efce3e037a954d6

  • SHA256

    d5297bcd34c876cf7dd08a210908e10ff4958624f6a280bb970c72332ecae5d1

  • SHA512

    d794dc932c4a16195287305a783ccd29ada925d56b575cbe8a78d7b45d3dfaf4af576a763a1c79b11ff6bc2258a9524cfb500e77ebec589d14405ef2c3ec2285

  • SSDEEP

    98304:IG1c5g+Wm3n0tzGoFrnoNspKdzOJDb4v+:UgjGoFrn4wN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d5297bcd34c876cf7dd08a210908e10ff4958624f6a280bb970c72332ecae5d1.exe
    "C:\Users\Admin\AppData\Local\Temp\d5297bcd34c876cf7dd08a210908e10ff4958624f6a280bb970c72332ecae5d1.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    7f3d317be97680bb9dc2d82b508bd47f

    SHA1

    8d8b96fee1650df685b883c82b6302212b8f3fa9

    SHA256

    56ee3517f5f885abdc1266b2e1406d89673fc093b7d03faa5b5f15abfa66e430

    SHA512

    1be6ad36f03131e624ac975ee7db49f17b4e4485f849b0b2721456347458f5dd04630ec5bdd411da7daad1688b9f640d3d8e5d690e28658d6af065d7170e18f6

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    c7d64cd7aa75b9765c14c4077e62a2df

    SHA1

    faf50c50c815c91b926ca40e41307a6bd062f303

    SHA256

    e1a2b009895627274a189253306923feaf3a8c7e3cb766726ef233c191263f23

    SHA512

    2997f7bfa0548fb7380c3996071b4f02a705c55f30814691257671c66784439b552c0ae30eb61b901070b96e6e1b3ddd7d181b6cc4bf7eb360106f335c7037d9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7A2F.tmp
    Filesize

    153.7MB

    MD5

    1dd33122a828803ea9d060045a3435e3

    SHA1

    b57436341452a60d4df59c070fd9e14d88a7cd9f

    SHA256

    c19338e7062089af74835421b2f74f3eab5ddee46fc3bc84d03e3ae5d37a525c

    SHA512

    fd371d1b8adce266913af63826031cfcacc26e9f7f159c3fa4d7554e3bf3888821c4a0a0b4c9dadd15f2350f34b6baa72c2f3dc990a32329bed16e62601fb904

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb7A2F.tmp
    Filesize

    153.7MB

    MD5

    1dd33122a828803ea9d060045a3435e3

    SHA1

    b57436341452a60d4df59c070fd9e14d88a7cd9f

    SHA256

    c19338e7062089af74835421b2f74f3eab5ddee46fc3bc84d03e3ae5d37a525c

    SHA512

    fd371d1b8adce266913af63826031cfcacc26e9f7f159c3fa4d7554e3bf3888821c4a0a0b4c9dadd15f2350f34b6baa72c2f3dc990a32329bed16e62601fb904

    Download Submit