Overview

overview

8

Static

static

3

b238003044...ea.exe

windows7-x64

7

b238003044...ea.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    152s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/12/2023, 15:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b2380030443b0c3f261a4976d01789eea4c387f93d15f7710fbabf33cf7eeeea.exe

  • Size

    4.8MB

  • MD5

    390542590a3ae0539612d7888ee82722

  • SHA1

    8f3e523c92ce73042067d6615d508a629e1f9b52

  • SHA256

    b2380030443b0c3f261a4976d01789eea4c387f93d15f7710fbabf33cf7eeeea

  • SHA512

    4fe53572f379c8c85b37862067b612df408160bf17d6871b60a94c223fb33bbc410619422e532711d989047d80da0ab62f1569cd4ad958f2a1de5cc49ee61ee9

  • SSDEEP

    98304:ugu9llk/yHwNf3n48yk1aaKdzOJDb4v+uY:sllzBZwN0v+uY

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b2380030443b0c3f261a4976d01789eea4c387f93d15f7710fbabf33cf7eeeea.exe
    "C:\Users\Admin\AppData\Local\Temp\b2380030443b0c3f261a4976d01789eea4c387f93d15f7710fbabf33cf7eeeea.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3364

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          df18f815cff0c69f44f670f95d66762a

          SHA1

          ca3e88e7d20d5451c410e605af1f91832600acbb

          SHA256

          07bf7e4325e6a740e5856964834db638ee0f5050d188f5edc26e1f5192484952

          SHA512

          28e91a2f7dd036c54c834c8d28df62df001432659de18946f6a4cdb100f3ff9f7fa6bd88539742f1139c6997a08fe5fd9098532f946d4c55b963ca0ebcc35794

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\yb72FD.tmp
          Filesize

          1.9MB

          MD5

          cb8cf9a659cd94e47541e145bf354a91

          SHA1

          d9371f51e59d875e873e945092b40d6825f093d0

          SHA256

          8007a4012b715b3b0e579ad2d033564602cdd0165c68e6dcdf51d7f2fe81ae6e

          SHA512

          979f70f7a3372cded897f41990f7924619ba0841e269dcf3eaea2e27b1f134a7ba25ab97af3b070da39494698251672ebcbc4b9dce8bc43db02ce1c1a8d4df75

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          f2879021eab4ece5bd217a92c3e05b25

          SHA1

          6e2ec8e54db0e77c4cf550e27d26b6415355e8ce

          SHA256

          9ea3e1db1470cb1faa4a38a1c710d39d4adb0cae966e32260b511e19f19737c1

          SHA512

          30ec2d67838f9d4ea44b5d232dc3f0325ad70455909693144ce6bbf79ef937dc45f789104bcd1054bd76bf5d45893ac892f2fe457f95336678606973ab010a82

          Download Submit