Overview

overview

8

Static

static

3

dc1194651b...ee.exe

windows7-x64

8

dc1194651b...ee.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11/01/2024, 17:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc1194651b3f6ac68da3917715cc71d9a783dc113e9d222bd94e1e7c3a866fee.exe

  • Size

    5.1MB

  • MD5

    5e14cd9f580054f46968b791c3477576

  • SHA1

    74fbd090a07d0d4eaf2223f1b69f1abb6db9fd18

  • SHA256

    dc1194651b3f6ac68da3917715cc71d9a783dc113e9d222bd94e1e7c3a866fee

  • SHA512

    b347d53f056da860618726677973887e47043667351ce35dbd3f24010061ce881f591d826686e5595ddb404e5df6888c1f8e63c2d8ad281e632f7ddb61278adb

  • SSDEEP

    98304:8HenYKGxUcl3nT86Ytacv5Se1KdzOJDb4v+u:8Hr/YtacvuwN0v+u

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dc1194651b3f6ac68da3917715cc71d9a783dc113e9d222bd94e1e7c3a866fee.exe
    "C:\Users\Admin\AppData\Local\Temp\dc1194651b3f6ac68da3917715cc71d9a783dc113e9d222bd94e1e7c3a866fee.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    95e781efd164ffef0f480c2cbb026fce

    SHA1

    0e8924648deaa53b8b41fa9b7999a2cbda52fc42

    SHA256

    023f23af857da197cb42ed1bf966176da769d207341d77f93ed964ca5be5704a

    SHA512

    5a29ac73216878e92ceb547e2525b0e7eb7d7a0fa452cf675f1cda3aaa4cb6f1fba6ea698494b6a6bd529e21157bb4b8d495ca2d63f9f9a3b084e40c1f7d7e1f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    16b96ac4c87557e29fae07503934b040

    SHA1

    4be4257adce26dab71b82a99f05e28bfda86be33

    SHA256

    90804f9b32b4c626669dd130181cbb150b8cc5cd41f60e87f1be41dadf03818e

    SHA512

    e457a69a749e5aa80e1a5ba713ba6025da694b2b62614a88ae5ad882ed6c4737c458b84bdd04db7f8e8e97e98f69208355287d41df9837bc85c401d2b78b6e3c

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    ff40118e8ba4d38e7ab47498beadc7dd

    SHA1

    d224d9faf156f808529d581ff85d62d92deec037

    SHA256

    7eed88208bb0a81d670c323cbff3ebcd3d39591beba4bd20aefc8a31c9b27066

    SHA512

    9e8cd7d09d7d91afa460d4df00c7087a8978c39d4f57ac3ec6eb4eab5b71b2ba875ae4837abd3195d028e17acaff1b4e9cfafa55a13054990f0b4b78874d33a8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4663.tmp
    Filesize

    236KB

    MD5

    09a681d1e182969a5e557e978f72c09b

    SHA1

    7aebb845125693bfb89799eed425cc9313d46494

    SHA256

    30ef5c2ba70030afc473319509fce5e0f98b3fbf69dd1de0ec8060792530a599

    SHA512

    047fc44a416e5c1e063ea1d3cd518e07505ab8d9aa5e839f7fbb9ffb98100f29c48d698607ebfc62622c3e2000cdf6a45aa90e2cbd854214ff7784f3ada96979

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4663.tmp
    Filesize

    2.9MB

    MD5

    f8336a9c5d9b378afeec4896c2c42705

    SHA1

    35eebf74885fda437eefc169049ec39f3df51335

    SHA256

    af89909b9a966e485eba3e7865b2f39a8a4d38fa67c51d0f9dfa6e8fab789d13

    SHA512

    bddd1115b90d61a6ecd38b8533ea1691a26b012c35bc2b1e75fe5e14fc7c91ab43b371a5b281300f9a673207701836630c1d173ca7c65cd932ba977ad13d0572

    Download Submit