Overview

overview

8

Static

static

3

ef0246fe99...cd.exe

windows7-x64

8

ef0246fe99...cd.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02/01/2024, 16:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ef0246fe99a69c022b2571cea0512cde1341451b3c88100f0b30a82adbecfdcd.exe

  • Size

    4.7MB

  • MD5

    6cdf2189c6f0e27ef0118a818a3eb50c

  • SHA1

    adcb9e9ae786dc42d94a5d932529bae2a1e84e2b

  • SHA256

    ef0246fe99a69c022b2571cea0512cde1341451b3c88100f0b30a82adbecfdcd

  • SHA512

    471aa17d1bd7dc81767365fd70b33251a1c52487d668120a8d5bda797b142b5a82744616ca68d2b22d055f13a07fe26b733af486f7da3874625cae400bfb0ff8

  • SSDEEP

    98304:shIHjWibmorLobjYXzZpvF1Ff7PKdzOJDb4v+8lz:vWibmoFzZpF7SwN0v++

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ef0246fe99a69c022b2571cea0512cde1341451b3c88100f0b30a82adbecfdcd.exe
    "C:\Users\Admin\AppData\Local\Temp\ef0246fe99a69c022b2571cea0512cde1341451b3c88100f0b30a82adbecfdcd.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    9717d4b869d95f86814108629225c321

    SHA1

    89bff680170046f1d06f403054e74d1a709ab083

    SHA256

    4bf415e81e29e9f062293a6e0e949919e6d4ca58d65088b679e59f2ee1fdb097

    SHA512

    085ecad8dd3295fbe3230940f299bef3f368d542f0f0afb267599ddebaf5e078f205b82a1e03f6a7f0d26a294738229b812f1ea421419722656584e8389bf55f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    fd30475e9977928815251b2677d226eb

    SHA1

    48ce7de829d15348f8fac97a78d80662eb404de3

    SHA256

    0f0b77958d6d47d002043e393fd7122075d0acb66c45bebec1ba99cbba26c7d1

    SHA512

    eef86add70291863e4881f61c0087c5063233c33a3afcdc574b0d3edec07328f27e16b31eedc1363e3d03f0e64847474bfa6c16b88ac8e1d673ce9af5a5ab969

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5A7F.tmp
    Filesize

    6.6MB

    MD5

    c93ed2bc5255506deacd07231800af04

    SHA1

    954a0f1f7bee1ea4ecbfd8433ea981901ece2d55

    SHA256

    c42d0be447ae48816cbfbdb5d509b2c1ec29c550ed0ea59fe0984f7f29c3e912

    SHA512

    163a89078855c5065aaf09bac1c6604db92c4e2ce7df0856c7cdd2e9002d27befab18c7e32a5020bdc33299f5f1d8d3f2033fee885373414e7a9e3468b4d39d1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb5A7F.tmp
    Filesize

    7.4MB

    MD5

    3ee012acb480ec9801379da362c16680

    SHA1

    0d5337fbd9a7b1456bcb8d3c46366b3de61c3f56

    SHA256

    c61a75413cf9f3393e493476a3a3b0054dcf3f644f299c6666233ebc5f2272cc

    SHA512

    e07717dbba9d088b94578901191bb5cdd7a196bb5c34f2bea19b2819a3d3e32aee965c18427460c5ad0d17519bb6bcfe31ad6edcf850ee34717465152ca1fd62

    Download Submit