Overview

overview

8

Static

static

3

6fdc8b072d...36.exe

windows7-x64

8

6fdc8b072d...36.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10/10/2023, 16:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6fdc8b072d5e7169f86ec0b12ab4757dc6ab5304b8b645e9372b473213808536.exe

  • Size

    4.1MB

  • MD5

    70da28be664a9d0b83ceb9c48ecf1ee6

  • SHA1

    eb3236eab00594f3138cefb53450365ded49e611

  • SHA256

    6fdc8b072d5e7169f86ec0b12ab4757dc6ab5304b8b645e9372b473213808536

  • SHA512

    11bda089d1cf9ba87ea44bc6c3a6948318aab237dab7a5e8a0968831ba2b3a920bb1fb03b3caf3a218ce0cc83607273e68daa6b7f67fda9feda93990d5c0f46b

  • SSDEEP

    49152:tDnaVVMzMvkMUzM3n5xlmSY+r5u8QeKxFOJxdb4vZKV:NaVizMvkMUg3n5xLKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6fdc8b072d5e7169f86ec0b12ab4757dc6ab5304b8b645e9372b473213808536.exe
    "C:\Users\Admin\AppData\Local\Temp\6fdc8b072d5e7169f86ec0b12ab4757dc6ab5304b8b645e9372b473213808536.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    389cbcf29ed85c343177018bd07e05a1

    SHA1

    8af3f68a8a79668d8d40f12e80086302c44f7d5b

    SHA256

    2ce7e624cda5fefe6cfa1cc084bcaa844c2bcf0038754189b8b3f80db7761840

    SHA512

    dbdd4d21ca66cf2ce36fc1f7d26212475d936276d96727150f4de7fecd9c5d83ef4c48ebf2fa0a0f9c650f0304ab0ebc538af8284767f45603b13bccba6ef01e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    3ea41013f91fe67cedbc3dad35213a1e

    SHA1

    cddb230eac3724a8bdccb17b5963179359a7613d

    SHA256

    59df47f8e93c2d2d2ea95a10d2fcb3a6698f032094e3032a07b6521b5975605d

    SHA512

    20f74e337675b7b6d4e5b928b62e0dd77653d469f1dcf80e8bd2cb12a5faa2f7e76a234999e706e489d1057eba7067d53d681d4cf1e035313486a94e5f9894c1

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    e7c64d9e76fe825edb35f5316da0b265

    SHA1

    359aeda7cc07cdd26ecf2704caeaad70cf4f7092

    SHA256

    032908f9523f0297e83b78c548c37ba0c5016e1cac1d1294c9a19206173e51a1

    SHA512

    251882c8a6bc4d5566ce0492ce61310ddb0422bd2fe2a8842f321f5eac1655935287a0ac1dd5a44dc394d4e8d195d7bd2424a9840fc8624efb551c1185477092

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb59C4.tmp
    Filesize

    143.1MB

    MD5

    64ab3ce8df581e1e0dd5691d2e6248de

    SHA1

    ca1b4b7baf7a70393b257a0c552449af43c59d3a

    SHA256

    05065f7ecb1c7d2d85fadeb213663587830e297f5b19b3bb087189393fe25591

    SHA512

    5214e153ef0e40151ba9dc415f7d0fc043ed01db8aac62f1421d688f2315de3ff96cebfb921e1436a168abc7929f601a6cb042ac24bc982b22953ec4e59715ad

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb59C4.tmp
    Filesize

    143.1MB

    MD5

    64ab3ce8df581e1e0dd5691d2e6248de

    SHA1

    ca1b4b7baf7a70393b257a0c552449af43c59d3a

    SHA256

    05065f7ecb1c7d2d85fadeb213663587830e297f5b19b3bb087189393fe25591

    SHA512

    5214e153ef0e40151ba9dc415f7d0fc043ed01db8aac62f1421d688f2315de3ff96cebfb921e1436a168abc7929f601a6cb042ac24bc982b22953ec4e59715ad

    Download Submit