Overview

overview

8

Static

static

3

368fc96466...81.exe

windows7-x64

8

368fc96466...81.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03/01/2024, 10:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    368fc9646632b7386685a60ee5b865b7fccfd07d93b14f7fbbde8677780d0581.exe

  • Size

    4.3MB

  • MD5

    1004ab75e81bee70b0b7e7ab1683f1e1

  • SHA1

    179727c10df6f99844fe4d010511dd8cc51991bd

  • SHA256

    368fc9646632b7386685a60ee5b865b7fccfd07d93b14f7fbbde8677780d0581

  • SHA512

    d8c24846c9a651deb6ff0e0cf092646928c0bb2ccd2dfe8a6cbc5c616fd77fa44df6a6e5289b1f1ea3553b2e0aa2dcf2c0f906bcc759d1c8bfd9195998f8d508

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\368fc9646632b7386685a60ee5b865b7fccfd07d93b14f7fbbde8677780d0581.exe
    "C:\Users\Admin\AppData\Local\Temp\368fc9646632b7386685a60ee5b865b7fccfd07d93b14f7fbbde8677780d0581.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    10KB

    MD5

    ca6b77f48cbe6900961e0a913fc5a9d7

    SHA1

    8d296c5d0c7ebf1a023e77713e997e31897be940

    SHA256

    fea2d855a68a3cf03c483bdcc414692967cd07001a7738ed1592404c7cccaccb

    SHA512

    88bc8a88a180de1a4975a987e8b038fffb972c80b5c937cf765f76104e9c51830e07a4e975da816dd0ae9ce08d44ef93c43acdf16bbe29601da84dfd82f70c1e

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    9209a9899047ca974229c5f71a6e5554

    SHA1

    a26466e98bb35b31efefd878c8d639e3c4d9253a

    SHA256

    ab48916813f30bb2b3cf6a60fec560ae8cfb39b0e357924b053282f4061905b4

    SHA512

    b682638822cfe0f8d73ec5517a16b4d25d37b5699f478bb0e93992570fe6d552748a7a80c3897f7c94b3185df1cd7ecf56f4b5ced7fa906de1a6ed48ef4756e9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb23B6.tmp
    Filesize

    5.2MB

    MD5

    844ca569a1d05e625c2dc9b0266071de

    SHA1

    5aecb92befa1f3293323a3ea91651aa0df4d878e

    SHA256

    193656de54d2c6b2da9b3d11016da626a174f997180882ef07e9ac9a55a41f14

    SHA512

    672f8c41332a67cabdbd3b4c956e345bed0619500e3cd8ca75671ef8315a820b63e7b9a26a701c63a50a23b8cf91f7dbe97a6ecfd9b1b341ec6ede0fbdbf941a

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb23B6.tmp
    Filesize

    4.2MB

    MD5

    c7e5019eeaecd04571502d05731212ff

    SHA1

    f10e4f84c00977e534bc62e374404034ef992a35

    SHA256

    66d2e9100b69fc0aa0428e234579423314cfec985b3eabafbad0d1ee45fb0142

    SHA512

    7470b5594c4bde3fcdfabceafc0b5c9d91c8247885619685087053f6b31b47ff0c673efe49542cfad873375eee8ba5866ee0edbd090edef03890c60c24dc8932

    Download Submit