Overview

overview

8

Static

static

3

ed54265de4...07.exe

windows7-x64

8

ed54265de4...07.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    05-11-2023 20:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ed54265de49201c5e88eb95a17470cc6660dbf01bac3b21b8ce98ad82e25ce07.exe

  • Size

    4.0MB

  • MD5

    7337a2ea295fb220ff233734af3c8c25

  • SHA1

    caac6ea7e70cd04a1858e7a7c090bbc333dd28a0

  • SHA256

    ed54265de49201c5e88eb95a17470cc6660dbf01bac3b21b8ce98ad82e25ce07

  • SHA512

    11b8b9432b84c81a28307320de674c291ef00f96cba78a3a4983df37712e3d7e69d34d05fc8173167433270fc317bd7825599898f5ff04b0af76f7d16ee05f91

  • SSDEEP

    49152:eub3nCuhEBygPHQK2FWu5wQY+r5u8QeKxFOJxdb4vZKVZ:Nb3CuhEcgYK2FHKdzOJDb4v+Z

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ed54265de49201c5e88eb95a17470cc6660dbf01bac3b21b8ce98ad82e25ce07.exe
    "C:\Users\Admin\AppData\Local\Temp\ed54265de49201c5e88eb95a17470cc6660dbf01bac3b21b8ce98ad82e25ce07.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    4e60c894a63d832694f89b32936bdfdd

    SHA1

    dce8a934a76c2f65fee3b695c5326d268625a2ba

    SHA256

    e41243b8300d7afc515563b2aa4412a3642d7c9e5ed12c0c549f382a0a6f6ac2

    SHA512

    889ed2d41eed4169e1e61c921f5772cc2188edeb95e286036c06c401d74a9e94a9f311f7c32032e83b5e8a310a255fa0cc44c41cfd7d969842cf9d98a85119aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    41a861a99957d9ab547ca87f3cfbbcee

    SHA1

    17b84c3fef461eb4f77f23fa757169b330f5da47

    SHA256

    7451edd83317786d78cc3735eb84d40c7413844e6a144270c7cd5ee41737b184

    SHA512

    4c854afe24a4802e903460a852b9228e28076c7a177198e4c1ef8542d8c4e34979e43433c1b812a9220cd1aa57ad97ea3d28db9233bacc5b5fc9368968de4e63

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    cef1cfc353e5836940a7f41fe470a32c

    SHA1

    9ced24c69da2a84984ddebac4ce2c6ee15fc0d22

    SHA256

    ee022a2abbf215116ea74683e51d5406cdc887e1004ef468a87afea9767ae802

    SHA512

    fcf7b224019227bf9d201f8ab0c2cedcd6bd2000dc0fe2e6591f824154207a6d1a36e96626917f1718ce5c86baf91476f09e6b7cd467d6072f58a17dcd42159e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb360E.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb360E.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit