Overview

overview

10

Static

static

3

947c8b421e...98.exe

windows7-x64

8

947c8b421e...98.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 16:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98.exe

  • Size

    5.1MB

  • MD5

    18dd7943583279b96d7a3ccbcc6e7151

  • SHA1

    1a64269841e149f775c6aff9f9abb6b11d0dba02

  • SHA256

    947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98

  • SHA512

    4ff8e9d430bf4a7ac10bd44538d55940e0c4b07a747b25119c0d94de6cc7985410159b1d11387c5ead01a750692c95fefdbc551147735af9d23f5cdf9622bdd7

  • SSDEEP

    98304:8HenYKGxUcl3nT86Ytacv5Se1KdzOJDb4v+u:8Hr/YtacvuwN0v+u

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98.exe
    "C:\Users\Admin\AppData\Local\Temp\947c8b421eb8793b640134c5ad4e7231582e89fb27d0f003c3ab25bb5dba0b98.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    92b1a583b52358c1552d56789d546a6f

    SHA1

    a3c744c7ee1fba65f135b314b4a378775f7962ca

    SHA256

    5df8d5b5d6401a1d9b606248ab0f4a88b39e4377514e9a48371da241ff28218a

    SHA512

    4941db6caa0c6636a5e7c973cac65b1a6a1d5675c69fa79cf9317d478d14badac836b163551a425ef63645ba7b49887b49b5825f007d76e47485429ac948122d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\yb5419.tmp
    Filesize

    4.8MB

    MD5

    d39b4283d4e6f027ed4d617eb8fa72a2

    SHA1

    206ed3cb1eac62e755a68211330925b5ec12e6df

    SHA256

    f0b57ee0a3de6398fe83052944cb0756b59c7da6db911c31f70ef9ee54abaec1

    SHA512

    a454decd6ffb99ad581a77163221b279ffa8cd9d68c868c413db65726c83e6c6cf8de919ceb385e507bec5079070293ed4b52046d9a020fe90e7de5d5e57f1ee

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    17bc77394481d80cc3cc4963c16c3fa5

    SHA1

    f47b704185e53acea072e9168bfe6ed23427ba28

    SHA256

    81d3efb844ba66183fad65d924ae95b96479fdb5cf9c1cd5c662cf18dd50b4c3

    SHA512

    277fb0ea18ea964f74245f2ff9e0a3ca8816b86442cf72e6dcdb6705e56ec1f637a8a24db83df5af08104aad33b3fc0e9b96af8971522d6b06435e6f649e334d

    Download Submit
  • \Users\Admin\AppData\Local\Temp\yb5419.tmp
    Filesize

    17.6MB

    MD5

    b792919de6041bd71748a93975512780

    SHA1

    75d8561636992d26bb4fd60cf827427461991347

    SHA256

    9bbe6bbc28db019e93920171afbe21ff76d2a26eaaa1e1b9effbba5664293f91

    SHA512

    294fe09cd637dca3036f357f9010573654e9f73d9249dec1625ee0307fd402077fcdd062cbdddfb9ba618492c87ec53f2fc47468257218b77f5195ab14635f2f

    Download Submit
  • \Users\Admin\AppData\Local\Temp\yb5419.tmp
    Filesize

    13.1MB

    MD5

    e60afeebd2e9ff29f94809c70f97014d

    SHA1

    b4062abcfc44df842e73ad43b11886e7bb9e4732

    SHA256

    7eaf65916e852113a4f910311b058756648d901d11d08636c4b32255a6c504de

    SHA512

    bd7836d94128046961cfb42e6e1a635591624c7553b23bd8ec910444967568f3e790effb4c41f577701a68c36d611ca737cb553ba60fa19afca88ff1ebd77723

    Download Submit