Overview

overview

8

Static

static

3

128265857e...66.exe

windows7-x64

8

128265857e...66.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    171s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    08/10/2023, 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    128265857e59705314e304b1b5a54943915dffc84cfa2f6aa6e1f31822d66a66.exe

  • Size

    4.9MB

  • MD5

    400c4b3032ac4a4f507f6c06002c2199

  • SHA1

    676ac7c06948aa1e37d2f9848b857eff7791a6ef

  • SHA256

    128265857e59705314e304b1b5a54943915dffc84cfa2f6aa6e1f31822d66a66

  • SHA512

    b09d26ec9caa07e472c11a59c2fa5647ed35531b59917d2bf06bcc4f0c47123c1c556f7d5e89cb32289c9c1476da65efa48ca015f31ac373efeda635e7a85a15

  • SSDEEP

    98304:tTP0EZ36bjYOrtYtsRXIov2vRKdzOJDb4v+a:10EEYtaE8wN0v+a

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\128265857e59705314e304b1b5a54943915dffc84cfa2f6aa6e1f31822d66a66.exe
    "C:\Users\Admin\AppData\Local\Temp\128265857e59705314e304b1b5a54943915dffc84cfa2f6aa6e1f31822d66a66.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    0adcf3f0ce4be74949d412dea4e5dc90

    SHA1

    52bcde417b2cea7f73c5fe4c8e6fd01440122998

    SHA256

    3349db27cb85f3e89643ebf5d6dd3bf527890541a831581200e24c5d9e6d73ce

    SHA512

    fc2b107dc317341e546fe74a87624a3dadc8a4a7f7de9cdfc5238a2b5571eb369ec8d2e84f991455d030e7e4e783f1cf1d8d4bf49faadf459957f60ff98b9fc0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    0adcf3f0ce4be74949d412dea4e5dc90

    SHA1

    52bcde417b2cea7f73c5fe4c8e6fd01440122998

    SHA256

    3349db27cb85f3e89643ebf5d6dd3bf527890541a831581200e24c5d9e6d73ce

    SHA512

    fc2b107dc317341e546fe74a87624a3dadc8a4a7f7de9cdfc5238a2b5571eb369ec8d2e84f991455d030e7e4e783f1cf1d8d4bf49faadf459957f60ff98b9fc0

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    62dfb01d79892f5ffe3fe1ea03a20fca

    SHA1

    0e2a1ca7ca3f836f1025a60843649c6dbb8fc9df

    SHA256

    8e5b6ec394c1b3a3c5dd5252c7020e0fb5db4e217ec5a2e3c689fd1e4f318d90

    SHA512

    ebff74c1f13dfc378351913e7b3858364e94eb0f6e9c2d91f00d13593ee53eceeb2842d8dcd4e5eec3ef4474c7bd19082667c86d9abad678ac77bf3e3f422fc8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybD8F1.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybD8F1.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit