Overview

overview

8

Static

static

3

39f9369565...23.exe

windows7-x64

8

39f9369565...23.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    24-08-2023 12:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    39f9369565b5cf8320a8d5420b9302e6e4d5b9b446d9bdaac2d7d1212c5afe23.exe

  • Size

    4.5MB

  • MD5

    1da0fba209eb3df7a8d2ca6a7418ad50

  • SHA1

    3100881ac035d0399776d5015f6646666e822d21

  • SHA256

    39f9369565b5cf8320a8d5420b9302e6e4d5b9b446d9bdaac2d7d1212c5afe23

  • SHA512

    894fdf056ceb32b0203a48c2bac7fa6f9be3f5d426460a07b94497d952e9a4d9d486e0b68d1b26b5ba442176c327dee37cb7fcb91096f542eb72d60810aa03f8

  • SSDEEP

    98304:ZOLHzIDtxDSK2Qi26im50OORKdzOJDb4v+:qym50OlwN0v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\39f9369565b5cf8320a8d5420b9302e6e4d5b9b446d9bdaac2d7d1212c5afe23.exe
    "C:\Users\Admin\AppData\Local\Temp\39f9369565b5cf8320a8d5420b9302e6e4d5b9b446d9bdaac2d7d1212c5afe23.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    e7fc924e8fe38b512f0a47a17c7e3071

    SHA1

    5dd88038a82530d079df2b23586958f7a8868dd2

    SHA256

    a74cdbb9cedc53a1dd58b942eafae36830d55303fc8220460642b4a33d9dc3d3

    SHA512

    15b66318d7e5f9df466ba4a5cde04d92f355ec172182ef1032194046906a2ceb7758a8c04c6a2b0ba0924154887021e69af8d09a5ac592c6e5f0840ebb795c0b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    e7fc924e8fe38b512f0a47a17c7e3071

    SHA1

    5dd88038a82530d079df2b23586958f7a8868dd2

    SHA256

    a74cdbb9cedc53a1dd58b942eafae36830d55303fc8220460642b4a33d9dc3d3

    SHA512

    15b66318d7e5f9df466ba4a5cde04d92f355ec172182ef1032194046906a2ceb7758a8c04c6a2b0ba0924154887021e69af8d09a5ac592c6e5f0840ebb795c0b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    de430673d0b0ccfca68291ffb2bd62a0

    SHA1

    88a862c74d76332dcdef2190bdead6ad92089de7

    SHA256

    b1c33fe59ffe17c19f390508bbd9ca3f0d52e0de4aac4b99895a633a76f02ba8

    SHA512

    62d1b0bc6a3b2a1ab75e0f8df82e99ba54de7073e1c5e43daf371d2427bfcd9521812da97e5febdd6ae459be099a0108a3641b1aeebe9bbeb1244eed7e99991f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8121.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8121.tmp
    Filesize

    129.8MB

    MD5

    51a534ddfddb68c31a1ba04aa86d5e6d

    SHA1

    25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

    SHA256

    c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

    SHA512

    1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

    Download Submit