Overview

overview

8

Static

static

3

ae149e694e...7f.exe

windows7-x64

8

ae149e694e...7f.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    26/11/2023, 19:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ae149e694eb2c2d15583c4cc37f3e7275f21c8ac13906182412b99f15921b67f.exe

  • Size

    4.7MB

  • MD5

    d68d17258f9dea6efb2bbf1a3bac4f4e

  • SHA1

    ee0471ea235505366491b17acc294ed2172b2360

  • SHA256

    ae149e694eb2c2d15583c4cc37f3e7275f21c8ac13906182412b99f15921b67f

  • SHA512

    c3de6ee7e0c02ed16665e3ceb0d2dba4d0dcce9e21b38f3401cee7ae60cd41b5c6ee86fd8d7704d7768a0b959d0e197a4173f5cbaf9fc2fc04fcb016df7da9b2

  • SSDEEP

    49152:pFu0DxJ7eN9Fd8iz2prAbjf+yh2HZvj1Jf5QpSX95+r5u8QeKxFOJxdb4vZKVI:/DxJifFR2pEbjf4hHRQvKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ae149e694eb2c2d15583c4cc37f3e7275f21c8ac13906182412b99f15921b67f.exe
    "C:\Users\Admin\AppData\Local\Temp\ae149e694eb2c2d15583c4cc37f3e7275f21c8ac13906182412b99f15921b67f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    0c3f75f6d18fbbd5ef836f4a1944faf0

    SHA1

    0c3e0df77e7791606b31f710b983f3326c26c6c5

    SHA256

    f849514b8861c79a3390da80e9f81cb5a41dd274f23c707db654465cf68abd2b

    SHA512

    2c4800b262558b480e02dc6ed3d50e15dd592e09601d0d69c3b9985da63b1eee8f4c50f715447f894c247c64cda0de50b40181c4391fae1496594e0db5cd71be

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    f198faed084cff4eae084ae3ad2b8cd6

    SHA1

    8b8acbc078e48794cd10ca69f2a0d40f8a88e0bf

    SHA256

    7eddd774395ad768e1b247607b8176325a8bf6df6b5eabf20b1cc5c00bcf5ae1

    SHA512

    0d4cee8cc9836df07655155788e6919a15f0a23784ac8e8573dee529a52c97ab904316f8feb9054602dcfc93ff3bd2a4badb9e100f868d8b713b1a6e85c705d1

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    fe8f47abdf6e4bdd848a925b4dd79091

    SHA1

    190a3b57f224f9aebb5435924a6463ff99c3ab42

    SHA256

    7d87e906ba5353370a9bf6228729709691be53c3ccde880a96877422e65c8949

    SHA512

    2791d01ddcb455166c0a83f4fb43f873f9fa32fb2c90779e753aa8bdda0de99770dc21f6618e2548142ba07a03eef4b0bd9ecfeedd80ec8e54e37ff27cfb6756

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb39A6.tmp
    Filesize

    134.6MB

    MD5

    d2fab09bcdd98afd12b47f065f3d78a8

    SHA1

    12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

    SHA256

    35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

    SHA512

    babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb39A6.tmp
    Filesize

    134.6MB

    MD5

    d2fab09bcdd98afd12b47f065f3d78a8

    SHA1

    12e9fc7c0ca542b4678c5ecbfa2ec4339fe28db3

    SHA256

    35bb254b98f429d130cc626ae118309a1f142b5256117fa0be819d51913c266d

    SHA512

    babf88df838a0957426a322d995b0824125a06934f85daf0b6f88d6c2a3657847bc4b54c2290575e68da2f57367c49a7bdd0157354b999d28e3a5a563f4c349e

    Download Submit