Overview

overview

8

Static

static

3

960d0c7448...81.exe

windows7-x64

8

960d0c7448...81.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 15:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    960d0c7448a4d90ef7953f432a1b39570a18fa23571cf03efafb627a6b73ae81.exe

  • Size

    4.3MB

  • MD5

    568187545ba9c24ad0e93d4bdf58ed28

  • SHA1

    971e657931e9cb07851c69521f38aa7b4067fa3a

  • SHA256

    960d0c7448a4d90ef7953f432a1b39570a18fa23571cf03efafb627a6b73ae81

  • SHA512

    8f469d1f830f015fb4891656cfbc154ffaf557a15876ecdceca2d7084432b4e8d6c1d30a44c1e64b3b0516c64868be99780cd1c0dbc3956fefcbe02f52e97725

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\960d0c7448a4d90ef7953f432a1b39570a18fa23571cf03efafb627a6b73ae81.exe
    "C:\Users\Admin\AppData\Local\Temp\960d0c7448a4d90ef7953f432a1b39570a18fa23571cf03efafb627a6b73ae81.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2296

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          355e0dfde56b220534415ff99d3b47e0

          SHA1

          f1d2c0c13ffc614edb4461a9f4e8014178411e35

          SHA256

          c27cc097d21402fa515530392de9ae173c9d6255a3ac06ea745837ffd050b395

          SHA512

          da96a8fde2690568f341a0cf35031491bfbb3bc25dff2c8b751f56ee6cd4643a989adbec9b685df5ec69b01f133ccea45b88033195527550d5abac3cd76ec542

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          7a661f5b11446ee189eb26cbb915e212

          SHA1

          37daa8245e93c30ae79fa6a7ef71aeb7b714d92d

          SHA256

          c9a63354d5393a09c06021cf187c83c8ea10cad1fae07666413b1037e8a026a4

          SHA512

          d5033622bdc1b4631ac305f16af39e75226a6ab7f13a352e8117735c755f8e4f6d8b5cccf011259a4ba6e959298c06117eb000dec156557a5c0e0fc136da852a

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb954.tmp
          Filesize

          146KB

          MD5

          ecef9119bff6f0bcd0d2a528b0295079

          SHA1

          d02be7a35e5af89987b31f31c5a874e5373f68be

          SHA256

          2ac0059e69a2b7244de354e2ade5c055cd1fca5e45ede87a0e628b3bb72c1691

          SHA512

          3675eb9f9d142559bd5f5d7fbc5b73c918ae74f254aa2878b08469433f4a760b73d98013cd59c89f4c0e7902d9c4ad2f42955c7e9a7fb910c1f804ac8bdf4c89

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb954.tmp
          Filesize

          129KB

          MD5

          eeca9c7a0ce6c56026bfc0177c0bdd88

          SHA1

          c76680340556bfed0cfaa4498c02d4358c01922b

          SHA256

          aabe0789fa7f9a1fa518abc973a6aa3fe55af2ef6d44863761c14c3f0677de55

          SHA512

          9602dfb7394e76d7115ae4dd84a9f640c8a038a5c486d93558e7a60136de8b4fdec6cb97268ee16c4b3b8c66d22af331323904d0ddd814636eb834fc28aab198

          Download Submit