Overview

overview

8

Static

static

3

841d8db6f5...06.exe

windows7-x64

8

841d8db6f5...06.exe

windows10-2004-x64

8

Resubmissions

07-11-2023 20:46

231107-zklhqsga2y 8

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 20:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    841d8db6f5cf53016344670a89b739c767a1006a54fc745c3f2f63d322c62506.exe

  • Size

    4.0MB

  • MD5

    4d6cf5cc71609cb4bac23fcc5df28f43

  • SHA1

    4b73b1baa0a87617d9eee14a925e0c46f9d261c7

  • SHA256

    841d8db6f5cf53016344670a89b739c767a1006a54fc745c3f2f63d322c62506

  • SHA512

    cda76ba45cc50fd68e2e886d9b5014b495bdf4b11b608a4f76c47d8567b4828342b052339905b23a306a4725ff42aa72518efc1b85f48dfc2595da10791f1464

  • SSDEEP

    49152:6ub3nCuhEBygPHQK2FWK9w8Y+r5u8QeKxFOJxdb4vZKVx:hb3CuhEcgYK2FhKdzOJDb4v+x

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\841d8db6f5cf53016344670a89b739c767a1006a54fc745c3f2f63d322c62506.exe
    "C:\Users\Admin\AppData\Local\Temp\841d8db6f5cf53016344670a89b739c767a1006a54fc745c3f2f63d322c62506.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    cb0dca941ca3c9ab2581eab4a3ab0859

    SHA1

    20ad7b4c5da25f120112848844f5de527e77c28e

    SHA256

    e812a271a3400c54f4ae540ad8f98b88534caa893793cef0a75fc0f8b44935ca

    SHA512

    aad75925a9dd348805ca88837f4210c1a974acc74cfd83b87e1a9ccdc0b55daed6ca90a6b9c1559c9a981a78cb2e385c4c7259b7e50562e293912e73efe21a07

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    207c4f287987f37796dded866c3e1743

    SHA1

    88c1ea4e5ea483a4bded9706b3c1df31a535c8c5

    SHA256

    73159b2071e11a663dccbfe866e4b55246bc5336e511703a067b78f47a4ba3f5

    SHA512

    4509b85754592bebcd7a2e5cf47b71289666dda2d1ef164b90971592d3f973f520293e95dbd237f184c33e12b3fb8516510c5ff2710bdd48ea0faca03d156462

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    a54e94847191bf98f18ba00f6d478d4d

    SHA1

    fed3b78a95a9fbeeafc717db4543396b3cdc6962

    SHA256

    f1ffd8f5faa0aeef659001baf8b129014dfb3270e719fce66e15f82db5e46ab2

    SHA512

    139c8f13a287eeebc161b3c71fcc361681396fea9014a1469dbef0bcae6c419b7f84ed0f2aa4be9a35ca2ebc3cbc90ba4fa6cb384e664f492302701d2c79627b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5EF2.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5EF2.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit