Overview

overview

8

Static

static

3

9e5ac33ef8...14.exe

windows7-x64

8

9e5ac33ef8...14.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    23-10-2023 21:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9e5ac33ef8a3c4040fa57b0517c21a4e64c6e51c2e1028fe4b42ef4a78cb1914.exe

  • Size

    4.8MB

  • MD5

    e107ff5a796e5b921955288b6ef68308

  • SHA1

    e363866bb1eeb2044ccbb2d8c70c140d148ad09e

  • SHA256

    9e5ac33ef8a3c4040fa57b0517c21a4e64c6e51c2e1028fe4b42ef4a78cb1914

  • SHA512

    bf4c05858ee7b7a316f8bcf17b6296feafaa8a88ce04358d6f90cb67728e84f1e01ed89037c049ce5b9e5e2fc8c9be2942ee6424fe257b2d2b9eece0076ca5e6

  • SSDEEP

    98304:7TVlYQiFIUueAAu2PkcCO3LUKdzOJDb4v+es:NlY02PkcFwN0v+es

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9e5ac33ef8a3c4040fa57b0517c21a4e64c6e51c2e1028fe4b42ef4a78cb1914.exe
    "C:\Users\Admin\AppData\Local\Temp\9e5ac33ef8a3c4040fa57b0517c21a4e64c6e51c2e1028fe4b42ef4a78cb1914.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    a20f147441d026dd049517b17eb27429

    SHA1

    265829b02a76ed687d531962d7b5ecb23e012199

    SHA256

    fbb850ea9f2757dc2f7cbf04cffcdb41db997edaa5064ed001aafedd1ef7b58c

    SHA512

    7b9bdce6c5932632637fe7a4137086b92581f27cb0fb186ac8ec04774b9be759e3d5c65c8e8fa22e40076c7328808d6961b7e2453b468f1d7f9494f5dab53c3e

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    7d8b00f60de7140ca9d23a95fb71cc7c

    SHA1

    3fc1a0f823c203cb2169193512b4fab5c059d273

    SHA256

    2e8b46f09a86338405d38fd420214f50166b09a09b4fe46a08eeb8ea156b4ad3

    SHA512

    5e3ae51a48dfe6de428105234ca2779074e9bdb23d7a53d493d8d12b30812862877846c776254d7d9357fac49af4a078ad82d7bcdb9fc57e94ca75fa8bfe13ed

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8298.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8298.tmp
    Filesize

    140.7MB

    MD5

    433c875775a97c39b365939bfebec2e9

    SHA1

    602d0c9bf071cfdaa4da02a27f1ca58aba83496f

    SHA256

    28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

    SHA512

    3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

    Download Submit