Overview

overview

8

Static

static

3

07a34ca74b...9d.exe

windows7-x64

8

07a34ca74b...9d.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    14-11-2023 18:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    07a34ca74bf172c1c8dca3b1e5cada30ae61d9f831a90fe8587552a4ca1a2b9d.exe

  • Size

    4.6MB

  • MD5

    a8537087808e529170804a8ae9c28919

  • SHA1

    cb58a0d4cd11537f7785d4e3ada74a8f52ad05bf

  • SHA256

    07a34ca74bf172c1c8dca3b1e5cada30ae61d9f831a90fe8587552a4ca1a2b9d

  • SHA512

    0b97ea97978aea73c2a45259212e6348ef96abf4e60537264f124a7db70a76943c1b87d6270340e2b685b0851040668ffee064c32b5748df982f198a1deb3b12

  • SSDEEP

    49152:Xub3nCuhEBygPHQK2FW99w6DvoVSY+r5u8QeKxFOJxdb4vZKVX:eb3CuhEcgYK2F+DzKdzOJDb4v+X

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\07a34ca74bf172c1c8dca3b1e5cada30ae61d9f831a90fe8587552a4ca1a2b9d.exe
    "C:\Users\Admin\AppData\Local\Temp\07a34ca74bf172c1c8dca3b1e5cada30ae61d9f831a90fe8587552a4ca1a2b9d.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    678b7b737b4d137059d007e55af2f2ec

    SHA1

    9228ec8c9479945d5de6a73d4e13dba1026fe05c

    SHA256

    4b45cd3839db286d3c148b8d28e9bf96861367a881dac1439f9370bd1249226a

    SHA512

    503131366af80b66dc913135b569311032b63782c421bc51d7b47699ddae6431796fb56222274a0009377bdda1e33516fd50995d01f3dceb27e49d23c86f744a

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    571517b763845a31f6c5d9edd227b2ca

    SHA1

    99de366754cbd363b12038425f1b07da97d5e08f

    SHA256

    71aae4016b9ec0da127410befeb8ea823daa97979ebbe2545b590f2f3ad8e1cc

    SHA512

    8689354a1a94659f1db713eb22165cb0e3c22706281fbf18db12f5f3f4c09083a6ff555dd3e983cd2c2f1a9ef555edf27f8f5471404ae35d4a9fc2e9f68d8aa0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb400C.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb400C.tmp
    Filesize

    155.1MB

    MD5

    80be523a7c64745841a0dbb6f4ff0774

    SHA1

    142b34279ceba26203ac65a8092b1010f486fced

    SHA256

    9e321625e8c39a2d11025b52fd22296da145a76fdd38963d592523458ed70b69

    SHA512

    a30c010a3565cfa57dbf0a902b6763b27688c667e3110ad5ce13a23d41540c82b7399472df1e4a0d82603ba254a8008bb22a09370de2cda539cf33e62a8158b1

    Download Submit