Overview

overview

8

Static

static

3

61dabf94f5...6a.exe

windows7-x64

8

61dabf94f5...6a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    01/01/2024, 13:38

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    61dabf94f5eccaed974d22f60f80dc1de6caf6583422e62e410d58537a9c346a.exe

  • Size

    5.1MB

  • MD5

    e229082ec32439f093be7364454a7626

  • SHA1

    fa4ecd1197f69845f57d91eaa7c416bb67bbfc10

  • SHA256

    61dabf94f5eccaed974d22f60f80dc1de6caf6583422e62e410d58537a9c346a

  • SHA512

    9a94f9d34a493a20702d2cc562054f4544a206c71b67168bed51af03eb1e157e36a37398dcc9179ff759ed5e1ef0e6168dec14454743295cb7e56ee2e110e55f

  • SSDEEP

    98304:8HenYKGxUcl3nT86Ytacv5Se1KdzOJDb4v+u:8Hr/YtacvuwN0v+u

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\61dabf94f5eccaed974d22f60f80dc1de6caf6583422e62e410d58537a9c346a.exe
    "C:\Users\Admin\AppData\Local\Temp\61dabf94f5eccaed974d22f60f80dc1de6caf6583422e62e410d58537a9c346a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1728

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          6KB

          MD5

          733c0dd163565889c8768ad63c658b65

          SHA1

          d70fb5e656fa4838a009940db97a665c5ba45da2

          SHA256

          d4bb1b29695d893a0716e01196436315251bc3d7b558b46cd9ab65888b92f837

          SHA512

          4f9926b44703d46319dfc0e30d936d97e99f92164d5373337c1285d397c6c148e4862b538d43b75c6d3ef1038a5ab290b11155ce44735fc95e4afb0474eefe62

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          2961b1da40674e5851ef3160ad46198a

          SHA1

          3a02336404755105b7c90ddde7865ab27789bb7d

          SHA256

          bc674ef213b9be6d3ad335571a2740ebf8798d49a0b94739cc288306c81c14b1

          SHA512

          1f24335036f5143f17abb799498eec2ae56357fabcd208b5b488e9b46aded53fa32acce5a38c5531a626c89436d5d6bcdad62b84ced0b95fdd2882a7eb8fdfc0

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb11EB.tmp
          Filesize

          4.1MB

          MD5

          84af40edb79dff0e971de6ee829337ca

          SHA1

          9d4cc0641382400a1389e7b301a37effae7dc68f

          SHA256

          3e4bc7a10a4a8495e5ed439933de6591051375f7837069d97869130c7a09b556

          SHA512

          731c63f25f50886bdcf9601a5f99b01a60dca2306ba34bad93d6431dce9976676c082ee4f15813c9ecb2ba505e5aee136b98fbdc8645aa3a89ebe6567b4318e0

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb11EB.tmp
          Filesize

          7.6MB

          MD5

          83b805b6fc6b351a79c35163b7be1ff4

          SHA1

          504477ae0cfd6f7dec710f22b9976c015d11cada

          SHA256

          2d9c2159b25d43bfa138f0b22c5e582654af4ab1683bcdc482d649f8573c5aa5

          SHA512

          cf197dc2d47ea989886b12b7fa2afc556669b517f9f7d93454fc604ad169b4acae7cc25c5313c509f7b0dc6b8d1cb750ba8c8021e356c840ff6c3852215fdc58

          Download Submit