Overview

overview

8

Static

static

3

f8bdc9daa0...fa.exe

windows7-x64

8

f8bdc9daa0...fa.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11-10-2023 14:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f8bdc9daa0070bab1f75c5cb64e03ee86c91bfdb3c15c2483cc6b4c3c02b6afa.exe

  • Size

    4.2MB

  • MD5

    2bfdca1adff2000dd7b12ca4bbca0227

  • SHA1

    6c3f3dd5aa667f1a005aab23e6c7ee8df544f2a8

  • SHA256

    f8bdc9daa0070bab1f75c5cb64e03ee86c91bfdb3c15c2483cc6b4c3c02b6afa

  • SHA512

    16b0e06f361c206644697032cf56dae9bcbc98decbf140984780475d1b1b4bc4e623e0664aa38adadb4cb307075a014859370d7c98c80ba629e04617a70face5

  • SSDEEP

    98304:B5wxWzZowQos6myn7WcrU6b7SKdzOJDb4v+:fSWFoCRxwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f8bdc9daa0070bab1f75c5cb64e03ee86c91bfdb3c15c2483cc6b4c3c02b6afa.exe
    "C:\Users\Admin\AppData\Local\Temp\f8bdc9daa0070bab1f75c5cb64e03ee86c91bfdb3c15c2483cc6b4c3c02b6afa.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2952

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    9adcbd54a835521762081a7864bb8741

    SHA1

    4e467339032a87748a23508c4ddde18c80b9820d

    SHA256

    afde8bf9ce7dd330e7997640fc6d29a4a33b8bc545eb50763091ec5efa2538db

    SHA512

    9f95d6198bb5ae8a17463a48d1f1a207ef3aa7637369aa29a1995955a216ca9ed0416ef039fb57996f9ebcf292d3a8f94c96d753a63eb024298afd44e716acd2

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    379eb957e514c05b29cddfa1b1f86f99

    SHA1

    c69c4152a196db13cde3a91ca6a8d6721af9c0ab

    SHA256

    83628cd1decc0677481f1f868cc6ec0ced756a92e1992567f47a6a40694f6805

    SHA512

    354f4aa020544b0a4437792733b354450886a051fe5b3348c2bcdabd146d4a2156151b6f7369d64773c6992a5a620118bb7bb14fa368bd3dd1903d691ba279d7

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5560.tmp
    Filesize

    119.9MB

    MD5

    ca057550c4e6d1c8f6f0ee0d09304f21

    SHA1

    bd63f3d07023d0e5705d1ae92d1873a3126c108c

    SHA256

    9a4c48d49e86e12f715af2d6883761f60a8d1ef1df19dc16c95c22130681f62a

    SHA512

    fe206765ea6a96fd1a167e63fb4a76af88e93a8399af74d58449c9b2a316882d9b5bd2e5b3b5d56aee3f35bf3ac38889d61fb2f482dee1fdcb9bf8a594a8ecf6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5560.tmp
    Filesize

    119.9MB

    MD5

    ca057550c4e6d1c8f6f0ee0d09304f21

    SHA1

    bd63f3d07023d0e5705d1ae92d1873a3126c108c

    SHA256

    9a4c48d49e86e12f715af2d6883761f60a8d1ef1df19dc16c95c22130681f62a

    SHA512

    fe206765ea6a96fd1a167e63fb4a76af88e93a8399af74d58449c9b2a316882d9b5bd2e5b3b5d56aee3f35bf3ac38889d61fb2f482dee1fdcb9bf8a594a8ecf6

    Download Submit