Overview

overview

8

Static

static

3

794c88ba4b...7a.exe

windows7-x64

8

794c88ba4b...7a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    206s
  • max time network
    280s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07/10/2023, 23:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    794c88ba4bdc304b9b29c9db4fc07518c9dcce779df8b50df1b7df340a25b27a.exe

  • Size

    4.0MB

  • MD5

    3c1afa41a4129da6bd40bc3d48b33eb6

  • SHA1

    2e37d6d6ee3390d15ce9233953fdcda2b330d545

  • SHA256

    794c88ba4bdc304b9b29c9db4fc07518c9dcce779df8b50df1b7df340a25b27a

  • SHA512

    39850b64d922c3cfcb9811b66f11c8beccaa09f3a3c2da30b9fd352ba063db4a3545f0b6ccc954194ac5e5f516e834967da852b31d18c32a807bf9eb3224e27e

  • SSDEEP

    49152:HmTdyCdT0AvzV3R8bjvQOrMxDHE/Y+r5u8QeKxFOJxdb4vZKVi:GTP0EZ36bjYOr3KdzOJDb4v+i

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\794c88ba4bdc304b9b29c9db4fc07518c9dcce779df8b50df1b7df340a25b27a.exe
    "C:\Users\Admin\AppData\Local\Temp\794c88ba4bdc304b9b29c9db4fc07518c9dcce779df8b50df1b7df340a25b27a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    b3ed44f7336cf7867bc442bd11ef6ac6

    SHA1

    6ebf83dc06cc9f7c2a775bc4b3509ef6725c8aa4

    SHA256

    af530558a56f8c8c590f22e3873fcb3fce6e8643ab6a7c58b2cef6601d10f995

    SHA512

    2688da4fad992cfef567949d7223c91fb2932ad8cbab2d499d82bbca7d24777e808e8ac9b2eb777c8c7631092d2ed8a410d74c0ce6aabe223f45ece34358930f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    80927b9bed82f230f018507429046556

    SHA1

    84d7d2d73ba364af84caec1f05a71392590dc309

    SHA256

    9c652b179a6a673ff5eacb9de4cc7f0f756b76e5fa7e96d02f0fb33429c17950

    SHA512

    dab488da291d0ec0eef3e11f59f862776bdcdf3f07f5afe708fd5700adefbd1dc552ef3fb1a47714ce96375a0bc0a6a0a03fdc137bd9a4c2579a2a44fe19ecc7

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d853e2b9e6773548430bb6eefbb8e4fe

    SHA1

    ccaa5274a59d712381668192095c835c118a4da5

    SHA256

    b854a4a5b008b2904e15d94b2fd529991012b0c0c0ce84549e3c6a219b173353

    SHA512

    007c2a83fe777db848168340bbdf366858c23aa1a403176c36093ac5c7c70916853ad67ece932ae2a2a67dbcd7daecacdd309aeeb4c44610a00a677d8f774716

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9203.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9203.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit