Overview

overview

8

Static

static

3

79bb0970a2...3d.exe

windows7-x64

8

79bb0970a2...3d.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    05-10-2023 23:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    79bb0970a2862c5a240320dcc121d03c6d2b2525be16d2327e4b7ea278e9ff3d.exe

  • Size

    4.1MB

  • MD5

    d39da693302f5f10a568cae38ab553c0

  • SHA1

    5b4de02081dbf78c460b1fb30e2571e2c3791f00

  • SHA256

    79bb0970a2862c5a240320dcc121d03c6d2b2525be16d2327e4b7ea278e9ff3d

  • SHA512

    14488941797b1501741a822c66bf5f5a3affaaf76e24cf3233e30054df1a0a8118c4055d58087b06441bca7fd45509aed6e1c742996512d8723139a892b22a1b

  • SSDEEP

    49152:nJG1P05g+Wzi3n0txCvRV1Y+r5u8QeKxFOJxdb4vZKV:JG1c5g+Wm3n0t2KdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\79bb0970a2862c5a240320dcc121d03c6d2b2525be16d2327e4b7ea278e9ff3d.exe
    "C:\Users\Admin\AppData\Local\Temp\79bb0970a2862c5a240320dcc121d03c6d2b2525be16d2327e4b7ea278e9ff3d.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    b4279ad7e6be298136654fb83fbe3108

    SHA1

    7b9d20983d21689d8ed64c53863ddc7ec990956b

    SHA256

    3fa0e488a9921ba6420a903475458a9d07ec5153f96b3291a61f2895596f55c1

    SHA512

    b25d852a769f85654e5545e99b701e0663165ae39a3ec750c7807d46be989faafe299d0b50ed3facc1b9f0e77e233e44e23312363bd0810560e166e7c5525838

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    464e9173b8cd238ffeaeb6c17b716d43

    SHA1

    c05c501ae43c308e5840f36c01c366497fdb33ab

    SHA256

    3fbeab8ec215f6c8aa66a293049b891b6a2a5a6c10d5f34e9968c84f047adcb9

    SHA512

    d41eb6141781361a40c8185c854bfc638045cac50a172dab654682521d2e9ebf1d64618e11172893c139d90d175220dd1e2fdc9476dc7f3df01da09b95835ed3

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    b9e91f642d099cf3cdbc5c2e416d3159

    SHA1

    c9d6f0ca38512a998f7da823e640a54fbd6767e5

    SHA256

    59fc8bdef12cbec82a8b28d8dd58689836a37c4dfabcf1068f878dd6fd845893

    SHA512

    4861ecd7735b56674f89234b3b413f3dca4ee04f35634a6a1e52760714fcbfbfe8fe3d7d50fcf22d1a0b15dce25d4471c570061b2a315297580d61207352ea6f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4B62.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb4B62.tmp
    Filesize

    140.4MB

    MD5

    4cb143fdad968165c2dbe48ba8950bb1

    SHA1

    cb0faa0650fba759a596663382cc6692dd8a727a

    SHA256

    4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

    SHA512

    a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

    Download Submit