Overview

overview

8

Static

static

3

61807711f8...e9.exe

windows7-x64

8

61807711f8...e9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09-01-2024 03:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    61807711f869271c2719a35e1a914dd911f8bc4465aff7484e6bf12cd5915de9.exe

  • Size

    4.3MB

  • MD5

    29775ed17a5f52b815fb6e060dd6fd51

  • SHA1

    91f51ff7e738c62587a3ec5868fb4142f3fd3c9c

  • SHA256

    61807711f869271c2719a35e1a914dd911f8bc4465aff7484e6bf12cd5915de9

  • SHA512

    805a4c4f6e4c6aade3f9abd49b56f62d0a67d8203bdd89153250c00a6e897370ca07d3ed0e35321c26d5eebfd2c920001aa0544a452969a5ef6ffda4ee2a4ab7

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\61807711f869271c2719a35e1a914dd911f8bc4465aff7484e6bf12cd5915de9.exe
    "C:\Users\Admin\AppData\Local\Temp\61807711f869271c2719a35e1a914dd911f8bc4465aff7484e6bf12cd5915de9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    16dadea7e821821c4a8f497d655d0b1d

    SHA1

    c09db5a22acf315a47d24a356b21dd36475cdecf

    SHA256

    70eb57d4d75097ec7b80ad5799754eaf41d715982ce5f39d534faa35dcc1dd7b

    SHA512

    34627d89df20f1d75db04fef7f7a53daa4a8955e477ea4d39107b88565524abff8792d361dd466e04d2c76d0e6cb638f15ab212ce5ab320030d71ec2601419e2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    e5a9e851fa33f4eeb3fe93b4441506ff

    SHA1

    afa4703422b2fd26da01c43a8227818d87fa8791

    SHA256

    c371aae02f31f3bce368b02ef56ea11d1005fe384349ac71d807930331f89e55

    SHA512

    f1637263a761aec822a11bde919fd88519b2fbac8ecb5fccc1e3b398ac2155b318350523dae9d03d120b0c4b76bef480b6d3431ec53e4b681341294e893b6d35

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    8726d69e5d8565ae843d5cdc35e061ce

    SHA1

    8b9a4bf65bfd73138a467392c1650366cb68b991

    SHA256

    e0bab147a1b76168c49b1a555500cb6a83883ae04fc10de1c87a15ca9c8f16c3

    SHA512

    1767997235478e772ce6c5504d7e338033f4d0a403be3b92df686564a1e0b87bd41781719005bb51bfe6b125ab61282414c714153c81cbd645a0222e8e9f1820

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9D58.tmp
    Filesize

    35.9MB

    MD5

    ad3de741fa70f132b8314ff1346c948b

    SHA1

    a2a49f5d7baeb906eea4bc54ffc896bf3769c1cb

    SHA256

    9db5d3e97caab66c8f24fe8bb68ba219f32218d7452b3a684c61e51c932b47fa

    SHA512

    1c97047ad7048a1f92b5d246fc09d6e2c586e9a5629846ff01b19d79d98a12118951ef475b92283b57d3d4451e77fad19ca2eb2ba8b0ddc113b01106559ea6da

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb9D58.tmp
    Filesize

    123.6MB

    MD5

    48beba21af7473db4cb9f3c8e49a37e4

    SHA1

    900f7036cfa0d2ac47c82193b9aad04415c9971a

    SHA256

    e2fb5360b83e4676c50e0aff6b7a724c4c1b36cf6a474795ec5371a0fe75180f

    SHA512

    eb72bbef29dee2eb4ac4d2ba48a55f92018f6229255d0c44a5a1d2125645e20017b4f8a6f16bdf0832304dc68c23c9d65995db5d9c458f6eac6cf5fdc19e522a

    Download Submit