Overview

overview

8

Static

static

3

2fcc1bd4d3...ab.exe

windows7-x64

8

2fcc1bd4d3...ab.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 11:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2fcc1bd4d35e66b81067c7f79f69abb68672de493c97ec870a63ef4a65c7cdab.exe

  • Size

    4.3MB

  • MD5

    6255b22cfebc9bb563858d65f6602190

  • SHA1

    cedadb002ab5872797e44ce5fd612a386e2cad6a

  • SHA256

    2fcc1bd4d35e66b81067c7f79f69abb68672de493c97ec870a63ef4a65c7cdab

  • SHA512

    f7058d7e8f437ef7d6de9ded6785108f681e4240b10cb56c2417d230d32299183f0f03d3d3cd91682247bfb7cf432d86c773862880943766844b15b4defa270a

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2fcc1bd4d35e66b81067c7f79f69abb68672de493c97ec870a63ef4a65c7cdab.exe
    "C:\Users\Admin\AppData\Local\Temp\2fcc1bd4d35e66b81067c7f79f69abb68672de493c97ec870a63ef4a65c7cdab.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    ca45b5008d8ea4fe51ba9af0fd7f8618

    SHA1

    a78490156fc583f74fe0912c1bf6bc41da319c6a

    SHA256

    15c5c11f7f658fa8e462f7cbe77c3f9307bc6be6287929a819ad87b5344f4c35

    SHA512

    e4a12864cf3aa2f396d35f356312f0c77f497a7b3141d9f5d505d462fb47a727eb0b91818e4130155353ce6009d77b6c30c552ca6d34ce248868809707edb790

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    9b949e9bfa305e5cbdc4cbd15dd49b92

    SHA1

    8b1a351a6deb7211003468e0bbe5df8c52d8f8a5

    SHA256

    5d973f62b09244cdea257eb771233019c00990564cd3bab1b3970004d155a4b1

    SHA512

    9ae6fc1363803a47fc697d3ff951e6264fe73f9175e362f08340efbe62b6e4592aa48fc8a2ab53d3084a2ffa5ee3865db96577cc073fb790e82155b138caaa00

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4164.tmp
    Filesize

    4.4MB

    MD5

    db7b68868eb821fb9bd23ccd01253f2b

    SHA1

    b50e14482111bbd4e439f93fcd646f6f9e84e4eb

    SHA256

    4915c5aa0cdc660f4f45af20941764941fc2b7048a6d544582b6f0fee97a1f5e

    SHA512

    f2cf26f03c73c911855b57f8d97b246e19120f7f6f4dabd83e9643acb876825ba306bf810b304adc1656a8e45fbbe0eca973e2d08db7ad30e881dbed4bb4882d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4164.tmp
    Filesize

    4.6MB

    MD5

    f3cbebcdac9e99af34c20161802fd22d

    SHA1

    5715088124236472de7185237fa33da66e6cb84a

    SHA256

    3983bc6b94f55711ee09f1c46cc670c9fb0f8a15ba5289a6fd64cc8533d1765c

    SHA512

    35ea2ae9741be1b4ea783635279a4fb965ce930ae51f446eb956ef9833fb08fc0a7e9ecf64ffdcaa6d3429845d82134583a4fb413844a68c9d477974691fcfde

    Download Submit