Overview

overview

10

Static

static

3

e531eb8352...ab.exe

windows7-x64

8

e531eb8352...ab.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    120s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 16:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e531eb8352437fc4e4e05477fafa465f6038c201a7221ca9f85f94fcc3f7bfab.exe

  • Size

    7.5MB

  • MD5

    73406b5b3a83733338e5a07ee651b476

  • SHA1

    a23b594ed043cd4fbae40839b331835cae971bcc

  • SHA256

    e531eb8352437fc4e4e05477fafa465f6038c201a7221ca9f85f94fcc3f7bfab

  • SHA512

    1181e9fcf178dbebd77f55322bf5c054fe0620a16a983aa7a986f71c9e1d2e3cee657294b45f07a303cb0f079fb4c30516add3693439fc014ac7d6556d8b9326

  • SSDEEP

    98304:5Bgn2qZd5Gr5aLTdAmfcXID954YOh8NbFPCQwDfWw08dGODav43c9NO:SZd5sQcXkL4YOeNly7W38NDaW8NO

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e531eb8352437fc4e4e05477fafa465f6038c201a7221ca9f85f94fcc3f7bfab.exe
    "C:\Users\Admin\AppData\Local\Temp\e531eb8352437fc4e4e05477fafa465f6038c201a7221ca9f85f94fcc3f7bfab.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    629b3f2ccaa40e10da3ec0bfd797c40d

    SHA1

    33bbe3ffad7628fb62cb0fe5bb3aa75705378963

    SHA256

    3afc5879f07ead0303c6b7f1bff2de4cd05096eeabe0d6ab1b1fd757029f2f16

    SHA512

    d393c6cb7470c4591e7745bc3bfd2c5cd24cc328620eea155add436cee65f593927f2aac4ea248531ba2fc9e77b5bf4f7779298c99d2f369de5d66de72d864eb

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d9ee219d962cfd24b81ea836eb33b58f

    SHA1

    e0d4392fe9df25ba76dc26e8a0a502f7ebd3635a

    SHA256

    80c04173084835558b21d849c278331c8a3404b4399d56dfb9877991d33bf4b3

    SHA512

    fc7a5622626352bf3e3cef774854a504876e80ff22d55d5918e630f55402b38fb23b7c9afb3715aaa7dc23badb38b60b1c8165fec1761348d804536bd9ecce14

    Download Submit
  • \Users\Admin\AppData\Local\Temp\yb470E.tmp
    Filesize

    2.6MB

    MD5

    2ecae658da09206336e2f7ffed48e475

    SHA1

    a5b31b5b210882b6b8c4ceaeaba83fbcf9a6c727

    SHA256

    654ea960f3055818cc7aa382fb801fcb04fac45cf771a9d64519182f4a6b9f3c

    SHA512

    c38439ffef37e892d8a56a4a13c02ee5dd5a45132e91d020a6fe067c2cc36cd8fbebd42d91c423958cf8bf2020b9224f258f7437b3102c8aa8c113d2d2769827

    Download Submit
  • \Users\Admin\AppData\Local\Temp\yb470E.tmp
    Filesize

    3.1MB

    MD5

    c794d6dacfe13dedff82ce7ddab607a6

    SHA1

    4f7d70d9015bba3d0815f8c4767d4e154df822ed

    SHA256

    654e6b1018f43ff9a8e49027bedc7b50bebd1f36ecfc3b6a8260300e48592bb6

    SHA512

    8733bf6ff27961153e5d97f36042ca73e446fb862983ad81b58afedf554c73a98a3217280986c1ca03fd4f75da78bc37d6b10bf1919f0b08c6bff6cbb99553b9

    Download Submit