Overview

overview

8

Static

static

3

86f2e11572...49.exe

windows7-x64

8

86f2e11572...49.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10/10/2023, 19:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    86f2e115728c6053296aff560e68fc899bc9e94913873746c83ccc46d91abe49.exe

  • Size

    4.1MB

  • MD5

    0870f613eb38fad866a90a44b9e7744b

  • SHA1

    d48b6a488c546c8ebc3023b8656fc291d523c1c1

  • SHA256

    86f2e115728c6053296aff560e68fc899bc9e94913873746c83ccc46d91abe49

  • SHA512

    951c741b78f8490b26cc89ddaa17c9b1d12ac6e5afed9dafa7e76f53292bef228b3ebcfc0f7b5f838c5fc95a66b0c50d839224db1117f78f61f5c56b4378ed88

  • SSDEEP

    49152:tDnaVVMzMvkMUzM3n5xlmSY+r5u8QeKxFOJxdb4vZKV:NaVizMvkMUg3n5xLKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86f2e115728c6053296aff560e68fc899bc9e94913873746c83ccc46d91abe49.exe
    "C:\Users\Admin\AppData\Local\Temp\86f2e115728c6053296aff560e68fc899bc9e94913873746c83ccc46d91abe49.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    24bec18bc1c5caa1e136435eba53b978

    SHA1

    1b0d0faf415f3881482516dcdf79177d1ef6e258

    SHA256

    010913843dfd3f5b9453d5dd8ef9d84b436acb5e5c3e5bce40143e0c7e537f71

    SHA512

    5bdcb5aa45eb9bbe809215e8cf4358b40a5f563ea49632fbe2b6496f2e23469c6c84d823ff8d0d042d45e2eb9e552f57beeb24921505d445f22168dbffeee27e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    b9fb98cd0f22c863bccc85550552324c

    SHA1

    3d70911f68d8df4481fdb385e877680d5c51aa38

    SHA256

    3e844a96adbf263ed53bf58b2f70788c152473413a1d8190c08871b9e06a10a3

    SHA512

    8f7e1e564c625e6bb7bb25cec10e5d11cf6ae889038a71b7551c94ecf98ade8c7d8de715013a7ad8803b2b758cf460b485d1b2e83eb24f78a525a85f14cb36b6

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    fba42d17b3217f456f301f591103a36b

    SHA1

    9bf3090d01f96ff7f700cb445061e664e5b5d7fb

    SHA256

    bc7d2ec1bebc1a614195f2538be67cf50d8d56c4e4466622066a4824242acd40

    SHA512

    50c1c7754194d94c12b2c94d435b0e5cef7ad5680c5dfb1a4975eaef788941e215c16c5fcbef631c50d13818133fac582ab5376eeac272b248144c5cba4a0993

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb32F2.tmp
    Filesize

    143.1MB

    MD5

    64ab3ce8df581e1e0dd5691d2e6248de

    SHA1

    ca1b4b7baf7a70393b257a0c552449af43c59d3a

    SHA256

    05065f7ecb1c7d2d85fadeb213663587830e297f5b19b3bb087189393fe25591

    SHA512

    5214e153ef0e40151ba9dc415f7d0fc043ed01db8aac62f1421d688f2315de3ff96cebfb921e1436a168abc7929f601a6cb042ac24bc982b22953ec4e59715ad

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb32F2.tmp
    Filesize

    143.1MB

    MD5

    64ab3ce8df581e1e0dd5691d2e6248de

    SHA1

    ca1b4b7baf7a70393b257a0c552449af43c59d3a

    SHA256

    05065f7ecb1c7d2d85fadeb213663587830e297f5b19b3bb087189393fe25591

    SHA512

    5214e153ef0e40151ba9dc415f7d0fc043ed01db8aac62f1421d688f2315de3ff96cebfb921e1436a168abc7929f601a6cb042ac24bc982b22953ec4e59715ad

    Download Submit