Overview

overview

8

Static

static

3

1fe48feee5...98.exe

windows7-x64

8

1fe48feee5...98.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    25-11-2023 13:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1fe48feee5c3453f5782c54a759abe92782213d009c7ecc3370729c539f73698.exe

  • Size

    4.7MB

  • MD5

    3e6c79d1396100353ae1a1be4f33f176

  • SHA1

    06295d786f4d002570c7f0731f858f58d0c98113

  • SHA256

    1fe48feee5c3453f5782c54a759abe92782213d009c7ecc3370729c539f73698

  • SHA512

    7bb54770c1efe672cc6e6d52ccaf9abca82a52107f8cc1362eb5a7c57310a82d5f33afd00903e8dfa9eaf25e27a8ca053b78002d17a5b8180ca193c99290a01b

  • SSDEEP

    49152:pFu0DxJ7eN9Fd8iz2prAbjf+yh2HZvj1Jf5QpSX95+r5u8QeKxFOJxdb4vZKVI:/DxJifFR2pEbjf4hHRQvKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1fe48feee5c3453f5782c54a759abe92782213d009c7ecc3370729c539f73698.exe
    "C:\Users\Admin\AppData\Local\Temp\1fe48feee5c3453f5782c54a759abe92782213d009c7ecc3370729c539f73698.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Cab51D9.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    e7b276ca5d3ead69405c39c6d0db9752

    SHA1

    23827ea5ca78418ed2500fb13c78f02e4fa9d226

    SHA256

    04941d89db9d1ba676cd9a508eeb3f11b6783f95f11641757439b0b9f2bb91cb

    SHA512

    9039785fc11ed2940cadb1deef6e37a341e819f6b2795815052d14bb70a8f5dae7ea6e7a92859ad30550bbdf7bf6278f2ca4068152504dafd7124908dc8d6eb6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    2KB

    MD5

    fce784b4f46b204eeaa494d5b2e24ef1

    SHA1

    51ff2976ead61e0a15ce030aff63fc23ba865dbb

    SHA256

    fe8928b900c2d70e6b855d5848599a9913213f837479bce5f0460df7558056ea

    SHA512

    4ee162c8911f92c8a743f2b43a408331d5dc9eb729db9f617e3bedbd21c3dcfc6c4c138649299542392d65952bf59dff3b4f2657ec6ea0d48f450382b482cfaf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    414844be1e75be6fb872178f1faf5518

    SHA1

    a46b3bbf5e05c3444c570ff613b74e88295b1577

    SHA256

    ec06bc673696368767e89a3fdebee0c21a9b7df4d92f737ccf614cb4accde2b5

    SHA512

    c532d84cc9ef3def9c49a146fd4d2f59ebcfdb1cb8f8048edc06d550bbfcca7a1b91875bc0a6fc3faa1e2e91d286ebfb5f2273253d85749941efde81d78fe8de

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    f18652c1596b96b405c489fcd6e96148

    SHA1

    89fd4fcd144f9d65d4db2ebca23741ef016c4edd

    SHA256

    e484fde4cde09f5de70a2311a3084a0243db0b41036c089546066f11cfe81bff

    SHA512

    5c8a2f58a86d8c78e3b9ae281c90fadb42d345cb1271d15cf3f54e13e2d30851a9acf61f61bd6af7661ab024566673e1bd07b82689e62870d2997a2d46cb31f3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4F0A.tmp
    Filesize

    134.6MB

    MD5

    d2fab09bcdd98afd12b47f065f3d78a8

    SHA1

    12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

    SHA256

    35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

    SHA512

    babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4F0A.tmp
    Filesize

    134.6MB

    MD5

    d2fab09bcdd98afd12b47f065f3d78a8

    SHA1

    12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

    SHA256

    35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

    SHA512

    babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

    Download Submit