Overview

overview

8

Static

static

3

f1d8f22ef2...f2.exe

windows7-x64

8

f1d8f22ef2...f2.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12-10-2023 19:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f1d8f22ef2a9c3a5f9e351f5cb8a282b5768a795e077977ac0cf2f1a127087f2.exe

  • Size

    3.7MB

  • MD5

    c7dd547c471f2cbee6f66291fc31cd20

  • SHA1

    b65b61864935845b230adbfd39fe3dcc494e3af4

  • SHA256

    f1d8f22ef2a9c3a5f9e351f5cb8a282b5768a795e077977ac0cf2f1a127087f2

  • SHA512

    cfb3ae59d723d765215e97fa2e4e26e28ba710482883b75f2b1a0cc9ee3ef16f0fab34ec8157bff369d25562964617dbf8b41925194296839b6866438d42f5f0

  • SSDEEP

    49152:iDCLomiK+15C6mBPtS3FpAB+r5u8QeKxFOJxdb4vZKVx6:cootK+1k6mLYKdzOJDb4v+x

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f1d8f22ef2a9c3a5f9e351f5cb8a282b5768a795e077977ac0cf2f1a127087f2.exe
    "C:\Users\Admin\AppData\Local\Temp\f1d8f22ef2a9c3a5f9e351f5cb8a282b5768a795e077977ac0cf2f1a127087f2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    31edd8c6faa5dbf2f64b399edee350e5

    SHA1

    476a64b7d14c10eaa3e5ff3613913e6a143f9316

    SHA256

    6e2e40a19c004eb4c3cd49b511c8cd0274898fdce7a0ad6ec658107f579e8637

    SHA512

    e8c5f64ab5ac9f85a34e9cebe026080227e659d1813e831db2dfa305e058ef4317dbb6985d84f41e099b81cd9733d75e20a55e751479812b9ba26eaae5b60307

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    aa5bfc0a747306096c0c8d11ac31a650

    SHA1

    552abf818b28b4a0836dae60b5e5a58a3bee2cb5

    SHA256

    f136891ce873b1b0edaf5f8213adeeabd55bff5c9c6a946eb996b2f01b9a5173

    SHA512

    8a0dcc6ce06089f28e01e34155166fd3a367e36617fda9edd1c23e6f0cb972e62086c3569437b796ce8ceb3ef45d92d4762059071604cc92b69737e451c9ce0d

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    11fbbc32f62baf74dab8b2b3f247f467

    SHA1

    b8c2320d8e2dcfbe68fa780751cca8abc095ea45

    SHA256

    9c6d68deaf9f937b67ad86e6ec1a1d4e1a59056625bc0fef319189b200a6df09

    SHA512

    db7debe713f0b0bba128ff59ce9c6c07220e212b1370c9f3e6438a376fadc3bdc6f860a16006d192e7e07a584b954c6e158d4559772324f3de595cbe6f344e1c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4183.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4183.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit