Overview

overview

8

Static

static

3

3ae5bb1df3...3a.exe

windows7-x64

8

3ae5bb1df3...3a.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    119s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    09-10-2023 19:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a.exe

  • Size

    4.1MB

  • MD5

    e5218706e50ffc69ec9d3ca8bd98330f

  • SHA1

    fcd023f3b9d0dc99e6a89028d138bf67ed7b9a32

  • SHA256

    3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a

  • SHA512

    87e4a1afe5c4ceaa139898998b6cec402111dc4e2ba29d42f64e000417646c54bc910dee8a1211a6fc772d6c29cd84bab970c1aa5cefd5a09f0a40586ea27516

  • SSDEEP

    49152:XDnaVVMzMvkMUzM3n5xlekY+r5u8QeKxFOJxdb4vZKV:DaVizMvkMUg3n5xRKdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a.exe
    "C:\Users\Admin\AppData\Local\Temp\3ae5bb1df335be679a3e13dac2c11705efed14f9342adf219ed349ca7c3f803a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    43d6608d14a904f932fad83d9aa5c4be

    SHA1

    2806df896eabde47d4a9dbaa999eeaac7accbea4

    SHA256

    dbc35909343d56557a42f6308dce31a402181f1c2ba76c3141199f07549bfc9b

    SHA512

    801dc27663e153dbec6f6de70c7e3af76471c584bdad6ac07d82f39d56d185a211a7e28e13c0bb51f995411f225499d2f2f984fd4750fcbd3ed1f8f78858ad81

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    5KB

    MD5

    2e5414c16f40a5acf711ea9195def0d4

    SHA1

    7407c10225d3bbf2a9af7fc867f4c796907dedf2

    SHA256

    128e52ae1689f2af5d37294c6bca87b9de8805d71dd88f9c61a787da5a52a27c

    SHA512

    5f305b3cbe2b307e2802f714c5af6902786266041721c6e7f42017f77f1831e0834710c6c2766ec0ff6782d5dbafbca1a98a7ef84e9cb0fbcbfee146eee4d69e

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    95472fedb441e98dbbf81188f1afb135

    SHA1

    1e775ba100f1a29e1bc9028f097421d7c0b0a3f0

    SHA256

    62ab7c54b492be0207eef108f090fa13151e4ffa0237b0f71442d80593896dc0

    SHA512

    62668fe20ebfb1c3c11fe607bb8f9a5ad46f72c18dcee01a8dde87eda3de04dd963e299d1cf88697f8954176750c9c2161e3b32a3f6adf06bd83f08911ded75c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybAA53.tmp
    Filesize

    143.3MB

    MD5

    4d774fdc773c577517eb9c82ee0e824e

    SHA1

    d69787bfa964fb095b45eb090be7a0d1cb103a39

    SHA256

    1cf5a864c92b951981333bb67c0fdb200690baabfefd10579b0da3a0a60a7571

    SHA512

    78d3be8b0499e610b056f1f3ca6853aada622426781239a1a47a348cb26a3f895ba75e986378d1f795cf2083247570e374fcd36bd2a5f9a220866b51e81afee6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\ybAA53.tmp
    Filesize

    143.3MB

    MD5

    4d774fdc773c577517eb9c82ee0e824e

    SHA1

    d69787bfa964fb095b45eb090be7a0d1cb103a39

    SHA256

    1cf5a864c92b951981333bb67c0fdb200690baabfefd10579b0da3a0a60a7571

    SHA512

    78d3be8b0499e610b056f1f3ca6853aada622426781239a1a47a348cb26a3f895ba75e986378d1f795cf2083247570e374fcd36bd2a5f9a220866b51e81afee6

    Download Submit