Overview

overview

8

Static

static

3

ffa5c83e43...e3.exe

windows7-x64

8

ffa5c83e43...e3.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    24/11/2023, 16:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ffa5c83e4350cd1b12d7f13ddd3c7535ec87e28f7837e7b7eb6649366d3e99e3.exe

  • Size

    4.7MB

  • MD5

    52b1dae52f89be07f2293fa34f0577f3

  • SHA1

    b4dc57a04d8997846bcffe901fb3c2f50a8c3242

  • SHA256

    ffa5c83e4350cd1b12d7f13ddd3c7535ec87e28f7837e7b7eb6649366d3e99e3

  • SHA512

    3fba2bdcdeef730064c4d38ac03c7cf4de09ce4efad33a3177e9658bc9dee8f21eff8449b49598a29d3715f349ba984ffb53654b7a95caac229da149e9dc3511

  • SSDEEP

    49152:pFu0DxJ7eN9Fd8iz2prAbjf+yh2HZvj1Jf5QpSX95+r5u8QeKxFOJxdb4vZKVI:/DxJifFR2pEbjf4hHRQvKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffa5c83e4350cd1b12d7f13ddd3c7535ec87e28f7837e7b7eb6649366d3e99e3.exe
    "C:\Users\Admin\AppData\Local\Temp\ffa5c83e4350cd1b12d7f13ddd3c7535ec87e28f7837e7b7eb6649366d3e99e3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2952

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          f7a1b2472cbb5be50207f3e53c65f617

          SHA1

          14402711bf0c03085221350f26b457d0da5df0ff

          SHA256

          939db8f6a5c8cdb486b68241a97dcc55e7ce7670f2bcea8369170b7c25f56a32

          SHA512

          92906cbf65f3abec5bcc96bb0f3de16999eaceb243eeb23b51059a31e08462b636a7b09da935cee6e4b87272b7fe0df56a3d0de51388377d96be76b159bfd12c

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          772feadeac904fe748e8dfef9ca03b21

          SHA1

          324ed3074aaa0edc36150a220275feefc1c95f3b

          SHA256

          512d203c7adf5118547d6c48ec981db05052a6ce583e1f034dd988b788eac3c9

          SHA512

          dd128bf58f55b7f571bf7bc57a2414447c719fc44fdeccaac2c3cdcb5ab0f16506a3aaf2ab8395335fdfca2741ddbcbe16bcb668df9cf549a7e7903f8d0d5bee

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb98E5.tmp
          Filesize

          134.6MB

          MD5

          d2fab09bcdd98afd12b47f065f3d78a8

          SHA1

          12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

          SHA256

          35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

          SHA512

          babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb98E5.tmp
          Filesize

          134.6MB

          MD5

          d2fab09bcdd98afd12b47f065f3d78a8

          SHA1

          12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

          SHA256

          35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

          SHA512

          babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

          Download Submit