Overview

overview

8

Static

static

3

9df1ccbf3f...40.exe

windows7-x64

8

9df1ccbf3f...40.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2023 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9df1ccbf3fc987af54dd03b3cb56da0460100b489412d3de2a886dca58ba4340.exe

  • Size

    4.6MB

  • MD5

    f8400f678df52f291bb5353771c6b2b8

  • SHA1

    eb43ce50b2b734e6de7c4e5bed06675ca4c04dd0

  • SHA256

    9df1ccbf3fc987af54dd03b3cb56da0460100b489412d3de2a886dca58ba4340

  • SHA512

    6aac544d4beb5e85f9378bab551624dd969fc41b4218af78e3aa508acec06feaeae50fca3b217d9635f096b22624f1f297fec7390f7400b26f62c3a3991fd884

  • SSDEEP

    98304:6aVizMvkMUg3n5xmtDasmlKdzOJDb4v+:+MsR39wN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9df1ccbf3fc987af54dd03b3cb56da0460100b489412d3de2a886dca58ba4340.exe
    "C:\Users\Admin\AppData\Local\Temp\9df1ccbf3fc987af54dd03b3cb56da0460100b489412d3de2a886dca58ba4340.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2328

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    a8355a492cd15f0f26ad49b493e3b5cb

    SHA1

    10b0c4e161a7f35904bb8289897a0fca52785c0e

    SHA256

    244cce938e709d18dc941f145d4c8b6b5e240b5a15ed977aa1af3af73203c705

    SHA512

    207bf67327ab9e6566df0b4058f280a115c3d2103448b3487da50e7c27a3cb4416484e81921abe287afa5c59fd6f2918fbb0a88190e9ac8e1ba6803cf18ac200

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    bdece764aa143f9e13bc0446e9d54de0

    SHA1

    d4b41c7ba99c8acac0116bdcaed503390e4b3931

    SHA256

    2384ce017d5d131fb0c7dbfa3be3d1d515436278da4046527b9cd91f5caa34f6

    SHA512

    cabf784c0c40fbcc3a35134fb216d23959cc9ec7bd37c63092f420f6cb0c9478813e31580c1000e6eb8cb3a8283252765b49563379fdc2b5e1d1709aa66d63bb

    Download Submit
  • \Users\Admin\AppData\Local\Temp\yb2868.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit
  • \Users\Admin\AppData\Local\Temp\yb2868.tmp
    Filesize

    143.1MB

    MD5

    036b2f7390449bf5e629e6b971341322

    SHA1

    e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

    SHA256

    37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

    SHA512

    75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

    Download Submit