Overview

overview

8

Static

static

3

1f211e44ff...03.exe

windows7-x64

8

1f211e44ff...03.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2023, 11:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1f211e44ffcad6b1630a962b7e440c434d950c510968dbc119bfe3cf1b8ec103.exe

  • Size

    4.8MB

  • MD5

    8811a8d900cade9782c56d34f7a78e32

  • SHA1

    51ca25f913e07bef669adac3af7891fcd19fe66b

  • SHA256

    1f211e44ffcad6b1630a962b7e440c434d950c510968dbc119bfe3cf1b8ec103

  • SHA512

    8966bd84acf73a7b4837637461723259d514f555501079c33d62bd7861f526c69b4fa8100ea6de5b049cd16bb2ba6cd74cf2aa31789b299b4224772b78a4a5ac

  • SSDEEP

    98304:7TVlYQiFIUueAAu2PkcCO3LUKdzOJDb4v+es:NlY02PkcFwN0v+es

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1f211e44ffcad6b1630a962b7e440c434d950c510968dbc119bfe3cf1b8ec103.exe
    "C:\Users\Admin\AppData\Local\Temp\1f211e44ffcad6b1630a962b7e440c434d950c510968dbc119bfe3cf1b8ec103.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3064

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\Cab5CC1.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          5KB

          MD5

          fd5ab3670cbb4f7f3e65c9677a3f9acb

          SHA1

          9fa46b8eda00e35d2984b44af7e5feec32f6281f

          SHA256

          78b51751d7e4a2083e8539eb78f7e61c63fb98fb6e6e302aee5dadf7f7758137

          SHA512

          eed01c0ced37c73628014db161b11a7690514706506bd5085b184a21073d984e2ed6ee4020ebb1a20c857f8909361083cae67f5711b64f1026ca12d741eaa251

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          5KB

          MD5

          fd5ab3670cbb4f7f3e65c9677a3f9acb

          SHA1

          9fa46b8eda00e35d2984b44af7e5feec32f6281f

          SHA256

          78b51751d7e4a2083e8539eb78f7e61c63fb98fb6e6e302aee5dadf7f7758137

          SHA512

          eed01c0ced37c73628014db161b11a7690514706506bd5085b184a21073d984e2ed6ee4020ebb1a20c857f8909361083cae67f5711b64f1026ca12d741eaa251

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          44f416657ab0a01d3654f1ff8f23ea5c

          SHA1

          059be60fa723aedce70b8785d39febb27f3a6c78

          SHA256

          f2a76e04f4573f998142a29df8cf45b5583b5d696d3419cf5321f32703acc2a6

          SHA512

          1409d2a84b93f629406180137c7a98136f15a639f9e9e2cfd519f5f28b303be8ea432b4dcc115d3e994a1998c721c8e4f65b856f7892c42fd99579afc1bcf66c

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb57FF.tmp
          Filesize

          140.7MB

          MD5

          433c875775a97c39b365939bfebec2e9

          SHA1

          602d0c9bf071cfdaa4da02a27f1ca58aba83496f

          SHA256

          28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

          SHA512

          3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb57FF.tmp
          Filesize

          140.7MB

          MD5

          433c875775a97c39b365939bfebec2e9

          SHA1

          602d0c9bf071cfdaa4da02a27f1ca58aba83496f

          SHA256

          28a418009abe73726a188a13006b30283795eb7f55588ec8b37d51d3a977ceb0

          SHA512

          3baef936a357eaddef3264e4487cdf881237204febaeaa582d3d5dff57ee96af403bf1c24d4344a3a740cde5a348472779fc1ead37892f05efb7972c33cecd05

          Download Submit