Overview

overview

8

Static

static

3

7217731b9a...e9.exe

windows7-x64

8

7217731b9a...e9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    13/11/2023, 21:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7217731b9af0ca42b8ebfa9760e01b35fbd1d6fad61d9280cdab09cd3bdc54e9.exe

  • Size

    4.1MB

  • MD5

    a4e26cc8a69b65946ac1264a71dc3e65

  • SHA1

    773c107d0c0f23fd0c69fe2edc4283c162e08f0b

  • SHA256

    7217731b9af0ca42b8ebfa9760e01b35fbd1d6fad61d9280cdab09cd3bdc54e9

  • SHA512

    9ed562318437118162c22adef8c13816856ac1355de6f59f6077f1cb0db9dadae33eb8b54d3e90ada478b32c4c6f0e24ea4290523b48da93e19efe7f4700216b

  • SSDEEP

    49152:Wb2XfWHdZ8BhE7K2dEj9GY+r5u8QeKxFOJxdb4vZKVe:U2XeHdZChmK2dZKdzOJDb4v+e

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7217731b9af0ca42b8ebfa9760e01b35fbd1d6fad61d9280cdab09cd3bdc54e9.exe
    "C:\Users\Admin\AppData\Local\Temp\7217731b9af0ca42b8ebfa9760e01b35fbd1d6fad61d9280cdab09cd3bdc54e9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab36DB.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    4e7ce213ef37424f2d103f5c84d81e14

    SHA1

    a0180d56eb39ee562302ba3a84d22a27eea0f86e

    SHA256

    5a6ce71cf1e39347ef34feec9baf34136024a0f9c9f1ab26f24e9823b85b04b9

    SHA512

    68a0ca2616abab777bcbdd47b4b7a3cd1fde90bd272ed494a429b83ec4860dfc46958d49a600a018c2dc2fd5df586b133ce44f5ca5382fc0b1e9dccca12db22f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    529031f25429f949a9812ae18646ee24

    SHA1

    5247f2b9f24a32b08622dba2ee2738c89618af5c

    SHA256

    b0b715e167476346bcf01a7d9602fe775a01979fb81170780dcee664336362cd

    SHA512

    4d6edffb94feb0dd9178527a3b39a32ff1c8e3434bf9667881f11257b7d3d06f55ab5d658c2e4684e141f224875d2a9ceef42e06d18c6322e8253f5f70fdbea1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    a2999b8fbf630e0c0a7e8198eb25c94b

    SHA1

    d095de78e678902dc821277c15d6734a145cad9c

    SHA256

    f0e73bbb12f9c93c3323ff9606ccdc3ac0bbe8c1f5cf939af9cebc88db32311a

    SHA512

    c4b9ea417226a3253ae3a39b11925e0011601c8d3eaea427e7d62f82a984b718c1bc25bac4fb3432aaf6df4537329a26db1fc12001358b20434b43efe9f02ba1

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    542b09f279c209d6324b5c06d76bb124

    SHA1

    6d53b5aa97d6e688efce169c5bf68d706ee6682f

    SHA256

    9cdbd0a6f6b8ee19754cb438189714e5c10528dca4a4966fc88308d72689d84a

    SHA512

    5de4430959d5cfc4e8d2cfe328040dbe4a0049184ccac0b0801fe1d6b2f1aa050cf4a64820359900e24cb9adce4c2c63b1e9748e86f5e147792d490ab57c98bc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb32A4.tmp
    Filesize

    155.2MB

    MD5

    bff5e7499c471625725a2e6c81949d39

    SHA1

    c4f57b4c59e1c3353936fbb7403335aee65d8451

    SHA256

    a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

    SHA512

    09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb32A4.tmp
    Filesize

    155.2MB

    MD5

    bff5e7499c471625725a2e6c81949d39

    SHA1

    c4f57b4c59e1c3353936fbb7403335aee65d8451

    SHA256

    a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

    SHA512

    09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

    Download Submit