Overview

overview

8

Static

static

3

785dce3066...7b.exe

windows7-x64

8

785dce3066...7b.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    03/11/2023, 04:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    785dce3066fb404e64250a9d6558d6a4c8afe4d3ce06a17e403f5d15ceae907b.exe

  • Size

    4.0MB

  • MD5

    9d675f1dc40b85c5800e2a356e246dcf

  • SHA1

    5d224c82238f54a60510408c3a96019c5444e775

  • SHA256

    785dce3066fb404e64250a9d6558d6a4c8afe4d3ce06a17e403f5d15ceae907b

  • SHA512

    f9a0d8dd17209f74b529a6289a86a3667b38e17a10822c48c12151a48490200c682c74dd14e3914ecbc54774eb399ed0f05df1b85b503be96ed7e4b508c3ce19

  • SSDEEP

    49152:3ub3nCuhEBygPHQK2FPzhhe3Y+r5u8QeKxFOJxdb4vZKVU:+b3CuhEcgYK2FoKdzOJDb4v+U

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\785dce3066fb404e64250a9d6558d6a4c8afe4d3ce06a17e403f5d15ceae907b.exe
    "C:\Users\Admin\AppData\Local\Temp\785dce3066fb404e64250a9d6558d6a4c8afe4d3ce06a17e403f5d15ceae907b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    e604db503154a46404f0cb0901250103

    SHA1

    aee6eaae878ddef68e00a226f3a81cd6963b34d3

    SHA256

    b0293349661c10ba2eaa692a407a37bad967bf3019d2415b6e3c5ba1baac9213

    SHA512

    9f32ebfe21b4883dbbdea6474598f6cff578872f39a247e95b8a1483a2eab6e1ac2ac6568d3d38c48f2d72c6296c9069b7b7e36933d572f9750f085f1edbd4da

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    aca7704ff0b543cfdd8c651b5be4dfbf

    SHA1

    221309f3711d69cbda02ebc9f9762704e3b76a14

    SHA256

    436693a311f13571d812e2b8e114a9aededc541d2faf997456d17e95246f480c

    SHA512

    3815933700af60f579aa4e6d55339ea8677e034f86a34cf5f421df1a91b955403bd8b21e1ab3f7076d5cc55b38efcb83aad3c1b5eb59aade689aa3b496db7f31

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5CD0.tmp
    Filesize

    155.1MB

    MD5

    3469020b81ad87c33bd9e36b3e3e6ba8

    SHA1

    008a1622d92eba3c935a8a068e7125e1c2fdd3c6

    SHA256

    8b3569d4f33acdee3884afe9ec30d6a91bacfafacf7f324371cfbc4fcaad1933

    SHA512

    c892acdde8b6b7269144702a6ae12f27d4c637cad4d6eff9dbdeba6f9ed656220922b088901daa835b7718e998623552d5d8af38a19e4322bbc07fb9af1d9ed9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5CD0.tmp
    Filesize

    155.1MB

    MD5

    3469020b81ad87c33bd9e36b3e3e6ba8

    SHA1

    008a1622d92eba3c935a8a068e7125e1c2fdd3c6

    SHA256

    8b3569d4f33acdee3884afe9ec30d6a91bacfafacf7f324371cfbc4fcaad1933

    SHA512

    c892acdde8b6b7269144702a6ae12f27d4c637cad4d6eff9dbdeba6f9ed656220922b088901daa835b7718e998623552d5d8af38a19e4322bbc07fb9af1d9ed9

    Download Submit