Overview

overview

10

Static

static

3

1df5dca24a...cb.exe

windows7-x64

8

1df5dca24a...cb.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 16:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb.exe

  • Size

    4.9MB

  • MD5

    558788081d9a5590ea98cf49f5083487

  • SHA1

    31363c3c359638c656010186a967de5fda5c197d

  • SHA256

    1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb

  • SHA512

    63a3c90d5f01532577a8e5105e83ef4c7de6fdcc668d8516f4dd6379f8f9f735ff00428673d4fa57881b7aebda0606c9fb36c6d0b66cdd5a062742aba59232e8

  • SSDEEP

    98304:44TjVBOWLl3ncPtJCIY2ivTY6oMcbKdzOJDb4v+:RBONJXt8U6oMcuwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb.exe
    "C:\Users\Admin\AppData\Local\Temp\1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    3571c6b31085f73eeb363c8fd9d34364

    SHA1

    be6cdae6da0cbcb7d95c465b5b4cd699a0ac9bba

    SHA256

    2e848d07e3dbd48f91223308e2eb539d6f0e3d4bc042535a56a18a0d48fd2158

    SHA512

    ba0d7bcabd53baa00dc998d88d89ba3334ba137e014fbad48618ed41ad339f52d446ca914e7757a2cdeca87e383b76043b5a30823a458018421d021a0c0bb823

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    c516f205050fdf7cc05d96646ab41e51

    SHA1

    fba1dfd9827cba062de0716ae6b3b2edba86b11a

    SHA256

    f815529b817070441968b69dd11e3bc0714aaf2100052887b79070d4865a8a92

    SHA512

    735e537adb16fefcfe605acf78de6b8bbb33534079e7d947707cde645efffa6344c42aa0b42d13f67f826486f416c8a80bc85dbd54e658f842818967676b45c9

    Download Submit
  • \Users\Admin\AppData\Local\Temp\yb64DB.tmp
    Filesize

    131.7MB

    MD5

    3d54f36142e266cd00b5a126512c7cfa

    SHA1

    15c02c680ae4020592aad40feef0d09457142907

    SHA256

    99a4995d61c756c20e5ab6e0b57251223a68f199fda0acd2e77f5a1aa45d960f

    SHA512

    27e009aa00f2dc0027c6d3647e7c3154b9aa3e81bf209ca1d82d362117d6a3a8135621616e6a69ef5e6ef449ab46ff45cb4d109cc788afa74b75c534d8a33389

    Download Submit