Overview

overview

8

Static

static

3

17bb46cdb1...b0.exe

windows7-x64

8

17bb46cdb1...b0.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    167s
  • max time network
    172s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10/10/2023, 20:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    17bb46cdb1d684c632cdf35ebeea6822bd223a5e0101a63ce509ab21e330fab0.exe

  • Size

    4.9MB

  • MD5

    b30a249fb02f79d3baa640bfc596d013

  • SHA1

    8684294bdc9ef257a362456baf0976325c4132fa

  • SHA256

    17bb46cdb1d684c632cdf35ebeea6822bd223a5e0101a63ce509ab21e330fab0

  • SHA512

    49b9ad95b044fe76c898d83beb64b8f7617565566c658b77a5b9486edd6ea042109c20161a97bf87d2097c8866f2a2f2142072d14fe209804f7bf1d6445d33cd

  • SSDEEP

    98304:nwdXBZ2/5fbjORDgt/loIKKdzOJDb4v+rh:GkPtaIJwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\17bb46cdb1d684c632cdf35ebeea6822bd223a5e0101a63ce509ab21e330fab0.exe
    "C:\Users\Admin\AppData\Local\Temp\17bb46cdb1d684c632cdf35ebeea6822bd223a5e0101a63ce509ab21e330fab0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    db0c850e3ddb9904c080d158b8e77354

    SHA1

    9fcd52bebd1d051895b0aad08e16196e11cbcd1a

    SHA256

    36744543d70fb6c87030634e5dd54586770d0e43ad875e007dee3adb4764e1e3

    SHA512

    3ec938da806f0016df7c361fc9d80efe8b28b90c183cebfc7b44d880843faa9999da8a955fd5cb35446d62d3f394dc5ddf59149fed918dac79943b97af4ce916

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    460fea2523f549e52ff88c5c7c3141a3

    SHA1

    3bfb3d3106d78bfe5eced254de9c74a03b13d006

    SHA256

    27c1924cff59ab952bdefe9711e5f32ae15929ed4b0eebaffe76d0e378b993cb

    SHA512

    063a646ca7483451bdc53a515c662776cca62a493398d3698d8de33a67cea986ae90cd47a15e7f761077a24427b4cc0859cf26005f3a831a5c91432960a73846

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    e24c89a511ddae6e86c969026b9d4e42

    SHA1

    a4cb5dcb82065c7efea6302ccc40af3a3bee0e03

    SHA256

    ad62d78fceff537a447b543e4e6ffd7362735808a392990b5ea23b0bb0604647

    SHA512

    e8aa921aa265c7dc67f340954e0def7a4a098a544e923b688be15f334fda3960a03954ac42368f27e80d68903340ec87c3db5173d3718f630a3945a724984494

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybF538.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybF538.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit