Overview

overview

8

Static

static

3

5927c2898e...11.exe

windows7-x64

8

5927c2898e...11.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    16-11-2023 19:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5927c2898ee1890537d880f35694387c909746580297f69afe0ddecf08c7ca11.exe

  • Size

    4.7MB

  • MD5

    8cdc0a799d86d74e0779963f6f3cd2a7

  • SHA1

    f4a4a7d0a70dc937c61ab637f8f88bba88607b13

  • SHA256

    5927c2898ee1890537d880f35694387c909746580297f69afe0ddecf08c7ca11

  • SHA512

    6cbba3e59442e5504a4f5e0628fd8bdd7e04bc38f6b0219e273bd15d8a26b9019ceb74c906b843772e21ee521a9022d3518b6cde53a1c0c1349c762aa247c39e

  • SSDEEP

    98304:y2XeHdZChmK2dkvDzF2CLcKdzOJDb4v+f:edZybPLwN0v+f

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5927c2898ee1890537d880f35694387c909746580297f69afe0ddecf08c7ca11.exe
    "C:\Users\Admin\AppData\Local\Temp\5927c2898ee1890537d880f35694387c909746580297f69afe0ddecf08c7ca11.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    77a481f225ec1852f2ea45cad9bf553e

    SHA1

    64edefe1c11362efc7b903a1eb445f64a7044ca1

    SHA256

    7565e98f619e1a95abdb77cc14f864ad38984e40be5d3d3e8652ec671663264e

    SHA512

    dca75d094c850b0afab7f46f44cb5b8b17564f769ac8a2ff82585288dc74c5753065bab24375fc3e5944b45abda58a4459359703f16630e6291a2f881004c6c5

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    6ae49df255bc0da08cf59fae3ab12f56

    SHA1

    e9a535f78254a8a8876ecf612601978a34d887f5

    SHA256

    3fb2bcc1417cec765dd55090b77766317acd3e4a4f7aa4f9fc089d925ecd80ab

    SHA512

    6b2c69034a8854cae38bb363858a9f100f28672f4dfcc52b499dfc1167bcfbfc7c05fa46ae16ba1f1287213797e8a1401672e7e28d9f4b2f83f9cdb4ef4e76be

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb692F.tmp
    Filesize

    146.2MB

    MD5

    06414b7efabecbf8425122e533dd92af

    SHA1

    a55f55007c8836a67b3ad998b01b9611241233d0

    SHA256

    d6d7cd9c756f76b51e6f1eaac3a566e37d05d91370f8c0978a381dd3ecee820c

    SHA512

    1f4ae28121d7294a2b504a0e8166a0f0a56caacad51de47d0c54e2fb71a082c2c35a43161f90579307d17e6b0431a7268717ccbc2fcfe9c9c6d7bd793b2f70a8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb692F.tmp
    Filesize

    146.2MB

    MD5

    06414b7efabecbf8425122e533dd92af

    SHA1

    a55f55007c8836a67b3ad998b01b9611241233d0

    SHA256

    d6d7cd9c756f76b51e6f1eaac3a566e37d05d91370f8c0978a381dd3ecee820c

    SHA512

    1f4ae28121d7294a2b504a0e8166a0f0a56caacad51de47d0c54e2fb71a082c2c35a43161f90579307d17e6b0431a7268717ccbc2fcfe9c9c6d7bd793b2f70a8

    Download Submit