Overview

overview

8

Static

static

3

a4be522e7a...30.exe

windows7-x64

8

a4be522e7a...30.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2023 10:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a4be522e7a50dae7f2827db8488574dd40160c9a9b6134b64aca40c14d840d30.exe

  • Size

    4.7MB

  • MD5

    6a80b5cd1e440023ba69a552eb7cdc1b

  • SHA1

    714a8d8459f926d0cc621560ae83d5efe0892b8c

  • SHA256

    a4be522e7a50dae7f2827db8488574dd40160c9a9b6134b64aca40c14d840d30

  • SHA512

    a8e7ec9d6294ee7d118e229db46c8e447d03f49452d0ea906aa4b1016842b81a108b0ca4e0be3c1535d598911dfd8f0a73802e9e8324a5dd285d7fdf22661cd0

  • SSDEEP

    49152:xb2XfWHdZ8BhE7K2dM3Jqfmc2jRAjY+r5u8QeKxFOJxdb4vZKVI:12XeHdZChmK2d7eRR+KdzOJDb4v+I

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a4be522e7a50dae7f2827db8488574dd40160c9a9b6134b64aca40c14d840d30.exe
    "C:\Users\Admin\AppData\Local\Temp\a4be522e7a50dae7f2827db8488574dd40160c9a9b6134b64aca40c14d840d30.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab4B64.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    ee701998f9c0c9d0b2613eebe9d8b44e

    SHA1

    e05b40b983b626f66748136c9d83b63c04d2a81e

    SHA256

    a6b73ebeb343fd0831e48de07625a183e3683b218a1784c0674858e0f5d45af6

    SHA512

    50404e6d3a604c1d50d4cc53e19b11ccc605e67a3a99942473eb8606fdf00e56201e25d3803169c2742060ce4bc56a36b1b37562b2a8504628174291a81c2a38

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    fddbf087d67f8e100e44ff65fe4e2673

    SHA1

    dc507d14f1b7f8dca0eeb4278ae9457d88d1022b

    SHA256

    0b514add7b97a56adf61523806cd8cc34459588a3992bcb4b6181aea7eea121b

    SHA512

    66a359bf07d3e9b6c20900807bc41ddaba5ae4a5206a40a21d1f0e05424ad2c32b6d8d72a5319bd81db376d61ec23b182e3c992b998a2f2cc0ae8d3d9fa95c57

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4644.tmp
    Filesize

    140.7MB

    MD5

    14df61f45b063918edb8df6ec4bba5ae

    SHA1

    81b92a03fe7654c3bea7803baeeeed43113b1b3c

    SHA256

    ab5ac3ee7f849163cab0140c12ad182ab445227bd715df9418e7a17821c860a3

    SHA512

    ec385f798f33968be8fb3466b7083e826d8a49db0cbc830a02549884e1b61e2fea4c869bf29fe1d0f3a164e8fe642790ecc1a6e1ac48bda9050e4026a99b1d08

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4644.tmp
    Filesize

    140.7MB

    MD5

    14df61f45b063918edb8df6ec4bba5ae

    SHA1

    81b92a03fe7654c3bea7803baeeeed43113b1b3c

    SHA256

    ab5ac3ee7f849163cab0140c12ad182ab445227bd715df9418e7a17821c860a3

    SHA512

    ec385f798f33968be8fb3466b7083e826d8a49db0cbc830a02549884e1b61e2fea4c869bf29fe1d0f3a164e8fe642790ecc1a6e1ac48bda9050e4026a99b1d08

    Download Submit