Overview

overview

8

Static

static

3

c49c547c7f...6a.exe

windows7-x64

8

c49c547c7f...6a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    26/11/2023, 15:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c49c547c7f44b119ae52dfff4c93d63fa1f654943bf4881ff2b0efccf6074a6a.exe

  • Size

    4.7MB

  • MD5

    05a81c0a0331745091de534b2361e91e

  • SHA1

    75d18dab1f0608e27e47c2a4bf6b7782faa83731

  • SHA256

    c49c547c7f44b119ae52dfff4c93d63fa1f654943bf4881ff2b0efccf6074a6a

  • SHA512

    fb44e4f062c5875907c25d0efb83c56a1beb9b45fb9479ceb3ea6ab3d1c9589a63d6446521cca5b50756dd3644912f5042620a825acac9d9f4bdd2065a907003

  • SSDEEP

    49152:pFu0DxJ7eN9Fd8iz2prAbjf+yh2HZvj1Jf5QpSX95+r5u8QeKxFOJxdb4vZKVI:/DxJifFR2pEbjf4hHRQvKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c49c547c7f44b119ae52dfff4c93d63fa1f654943bf4881ff2b0efccf6074a6a.exe
    "C:\Users\Admin\AppData\Local\Temp\c49c547c7f44b119ae52dfff4c93d63fa1f654943bf4881ff2b0efccf6074a6a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2396

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          f020171151f37971e144e6066afed294

          SHA1

          74adee33c1f144b49e3d81551b643060d4249d8c

          SHA256

          c8e2732089abbabc9f2bb1bfb238ffab7091aaaf35788a0fc7b6b0c13d30df0f

          SHA512

          0f8456c8a6a5a243db3eb7672b56e7f3aed9634ae429b2922202a7125ab516a99934aa9ed26eabbb2587610e7d6605592f544d21e35596bcbb0a26ab7dc171c9

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          ac494125d565b0c0f4cbc55fc201a8b3

          SHA1

          66e4dd850be212d644e31b80dce6b42e5a39475e

          SHA256

          4caab1605f994f16b54f7ff0b39f47e1473d0d901545db4f110721f8133b0402

          SHA512

          94586349471c199c704435fb5f86a50beff5aef3fe4843e567c21bffd1003e1dba4a42e873e70af31f8dc081b7cf6f68f64258873dc8508a86946789db191047

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb8E0D.tmp
          Filesize

          134.6MB

          MD5

          d2fab09bcdd98afd12b47f065f3d78a8

          SHA1

          12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

          SHA256

          35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

          SHA512

          babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb8E0D.tmp
          Filesize

          134.6MB

          MD5

          d2fab09bcdd98afd12b47f065f3d78a8

          SHA1

          12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

          SHA256

          35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

          SHA512

          babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

          Download Submit