Overview

overview

8

Static

static

3

f5b2bdf762...74.exe

windows7-x64

8

f5b2bdf762...74.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    07/10/2023, 15:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f5b2bdf76273cb2efac58a768ee40b16b5abf6d8f06b8bf07f09479ebbfb5c74.exe

  • Size

    4.6MB

  • MD5

    1354fc3efe73bf4a26da5941b39d3cea

  • SHA1

    8df1bc0029f610a9f981391ae0a236182e1c8828

  • SHA256

    f5b2bdf76273cb2efac58a768ee40b16b5abf6d8f06b8bf07f09479ebbfb5c74

  • SHA512

    71d5996802ae7059e94e4f71f08841da716e8c46377a228773b50cd599c160c9af62983008addddf6bce912884257f497c3deef28d28840ba5902183faf6c1a9

  • SSDEEP

    98304:WG1c5g+Wm3n0tQLCcvITqy9KdzOJDb4v+:KgALCoITqzwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f5b2bdf76273cb2efac58a768ee40b16b5abf6d8f06b8bf07f09479ebbfb5c74.exe
    "C:\Users\Admin\AppData\Local\Temp\f5b2bdf76273cb2efac58a768ee40b16b5abf6d8f06b8bf07f09479ebbfb5c74.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    dc3e7f9da9072f4cdc10981cc193a5f0

    SHA1

    eaedf81c7588667ffebec9e939dc1f03768e5d3d

    SHA256

    1781116a6798b9bfd626ee4e170654920962436055518c11513cd774e1740c87

    SHA512

    f20e07d96adb028d6da0e42f6a8cd20d2917ea209828927886da91614b251443053bad854545d14d830b66ad65ff9a5c29bb27450c62b713ab977bd3efbf7a3b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    dc3e7f9da9072f4cdc10981cc193a5f0

    SHA1

    eaedf81c7588667ffebec9e939dc1f03768e5d3d

    SHA256

    1781116a6798b9bfd626ee4e170654920962436055518c11513cd774e1740c87

    SHA512

    f20e07d96adb028d6da0e42f6a8cd20d2917ea209828927886da91614b251443053bad854545d14d830b66ad65ff9a5c29bb27450c62b713ab977bd3efbf7a3b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    2065a537aa8ff141c8733f27e7a8c8eb

    SHA1

    a306e9190505f0cc8ab1cade5da66c436b7666af

    SHA256

    12c4e97a05dbf0bea3ebbd08db0582da5055a499b8496f5f8e3fc5759f459225

    SHA512

    36d33c8ce106fe0610ec0df8f82d2eed54f932226391ad8fb375a1cd33891823fa786411e03b7013d4829e28adcb408ea0610cb7e62482a0a220e559fecf4443

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb532F.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb532F.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit