Overview

overview

8

Static

static

3

1d08768483...b2.exe

windows7-x64

8

1d08768483...b2.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05-01-2024 15:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1d0876848323595ca31f508fceabb89cbb89389418dc6161275b750696ff0db2.exe

  • Size

    4.3MB

  • MD5

    c871ce196a4ae0c50fc9a68e8f0ac7bc

  • SHA1

    d2e6e83f32eca75bbdd782736ec1084d19ef4b9e

  • SHA256

    1d0876848323595ca31f508fceabb89cbb89389418dc6161275b750696ff0db2

  • SHA512

    78307d75377f6169c653c63b8bb405635cad54f33f6ca5d0881bc6bb4e6dbe587734c6de5fe8ed44ef77b60bea3a60b0b8514685d2237a8ffd7cbefd216e046e

  • SSDEEP

    49152:8MLPIdiWU/o5LcUekfbj+whN5+r5u8QeKxFOJxdb4vZKVA:JLPIAN/nUeKbj+UmKdzOJDb4v+A

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1d0876848323595ca31f508fceabb89cbb89389418dc6161275b750696ff0db2.exe
    "C:\Users\Admin\AppData\Local\Temp\1d0876848323595ca31f508fceabb89cbb89389418dc6161275b750696ff0db2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    4ae1d62d87eb68fcdf4abacb434cb408

    SHA1

    701989523c7e0fbd23ed22112f7f7a9274e6d052

    SHA256

    025df74abafd72bcd22579aa7d7d8475cd082b292fa433eb036897ce69d08b62

    SHA512

    187bf06d96c9c1471515fe81af8b478ac8ed93f53567b24ed333a2dc7d0c8aeebbae5885935277fde43c9d23caf7d9ae6662eb019b195328475383aaaa3e2a8b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    6de49b0009d831dad0b41f4105f100fe

    SHA1

    84fcf269664365166b254f32c9e75ca8dac14f99

    SHA256

    360faf27a847a502b13ac2235190014dcda7cdbaa6a1450a393b01fd0d644ae9

    SHA512

    529f6207d1cf95307d0778773fd6b7c02632d8428a30083a03db6e0e0af06ba8e28b894281687d4c453bd188cde1386e5af5848362e98a3e173e219402c4e0fb

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb21A4.tmp
    Filesize

    129KB

    MD5

    eeca9c7a0ce6c56026bfc0177c0bdd88

    SHA1

    c76680340556bfed0cfaa4498c02d4358c01922b

    SHA256

    aabe0789fa7f9a1fa518abc973a6aa3fe55af2ef6d44863761c14c3f0677de55

    SHA512

    9602dfb7394e76d7115ae4dd84a9f640c8a038a5c486d93558e7a60136de8b4fdec6cb97268ee16c4b3b8c66d22af331323904d0ddd814636eb834fc28aab198

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb21A4.tmp
    Filesize

    856KB

    MD5

    9a7fad3f31ef6afed451d25b6d973c56

    SHA1

    c85e29190ea3818a1b18360a51755838c6bd85e7

    SHA256

    b64b06fe2b6c28a36bae9d032215b6b339689a200b7833eab2134bf1271a6274

    SHA512

    54ebcd69d324bc65ccecccdfb182a19a8bbb9c873acd07cd6a7fe64b3df1359c38fac6799f56d5e66fa88c5ba80d11eb3088280fd9122427f1247b11f1a49cee

    Download Submit