Overview

overview

8

Static

static

3

f829668c1c...6d.exe

windows7-x64

8

f829668c1c...6d.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    06/11/2023, 15:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f829668c1c3633c819b3729812a4284455ec0703b61f45a212dcb3327e053a6d.exe

  • Size

    4.0MB

  • MD5

    3a68c9be2f60ed2a6ebcc353e29fdd00

  • SHA1

    ad015c37168e6d41c5f8dfdbad4a8b12d369cec9

  • SHA256

    f829668c1c3633c819b3729812a4284455ec0703b61f45a212dcb3327e053a6d

  • SHA512

    2a08aceba6942f60fd744129f98fe2bbc872f71f1f67f7e75d45f54b4e7a77f8f60a704263fac76352b8e20786eb09719b11dbd7ad8c81189c2132435f48a71f

  • SSDEEP

    49152:6ub3nCuhEBygPHQK2FWK9w8Y+r5u8QeKxFOJxdb4vZKVx:hb3CuhEcgYK2FhKdzOJDb4v+x

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f829668c1c3633c819b3729812a4284455ec0703b61f45a212dcb3327e053a6d.exe
    "C:\Users\Admin\AppData\Local\Temp\f829668c1c3633c819b3729812a4284455ec0703b61f45a212dcb3327e053a6d.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1720

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\Cab4D0A.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          1KB

          MD5

          37c4eb50e2cead5d3321a52853faad1d

          SHA1

          34000054146bf284f72bfd5c0336768278df92e6

          SHA256

          f106c31929a895a06237dc7563cd412375e44a9f37d97177d4919510020b27c2

          SHA512

          2ff3a95b00cf947b32bbc40e6ea44496acdebabaa948c823d51ab860f8a9bd520a57972c08f538b7c345e30e419fe11abc5bdd57db520356dd61e03da31db576

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          5KB

          MD5

          a16a47ba99a54dc661c46120aef5e5cd

          SHA1

          0858c257c5d6d241aa3effa06d5bc2d6ceaeaec5

          SHA256

          f36e4d275c1288362a3bb201761a1669f9176d981275315c9b19392967ad22a2

          SHA512

          3c6a6501e2469dd952a498fa3e721370c97737aeb3b86e7d567dc3e129d7a5ec89027dc2a781803a752314d06dcbf0e2d6b4816f933a6ba4e71792328e709548

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          69978cfe5cd5df5f678b55460d3bda6d

          SHA1

          592d42ba86d477da79e0398f3f1ff56e74f31a5c

          SHA256

          23b464f3697466258e6ad91e20a81201c5385f54deced13b43f5049bd1c4d8ff

          SHA512

          80855e18f6e5c8105ddd2e2baeb1ac28d20d72899c027659d8d598ee7e8d22d0b974ca994519509aaa2b21e2b044ff03e2f10d1804b3dd852528b368449edeb0

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb496F.tmp
          Filesize

          155.1MB

          MD5

          80be523a7c64745841a0dbb6f4ff0774

          SHA1

          142b34279ceba26203ac65a8092b1010f486fced

          SHA256

          9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

          SHA512

          a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb496F.tmp
          Filesize

          155.1MB

          MD5

          80be523a7c64745841a0dbb6f4ff0774

          SHA1

          142b34279ceba26203ac65a8092b1010f486fced

          SHA256

          9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

          SHA512

          a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

          Download Submit