Overview

overview

8

Static

static

3

6c3e15c6ce...3b.exe

windows7-x64

8

6c3e15c6ce...3b.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 22:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6c3e15c6cef29bc7a3de5cebb5db6ac57b5ce9c368cd8a62b8461d4b8628f03b.exe

  • Size

    2.3MB

  • MD5

    49f5d726f7806ee8746901e75eed9d24

  • SHA1

    98af2932204e3fbef23c784fc3553f9387c56117

  • SHA256

    6c3e15c6cef29bc7a3de5cebb5db6ac57b5ce9c368cd8a62b8461d4b8628f03b

  • SHA512

    0f4eb1403b8e399b21815fd023c23eda6a501201e9f9e65d2a1f0eb4d84b2df85c55ba71212f788651ed79c31fc5e2cfb8291ff17c271ff84f57a749de647444

  • SSDEEP

    49152:+vQS3uhB4VA+riwCGqfh1c6mp+r5u8Qe:+9+hBUA+riRGqfhGyK

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6c3e15c6cef29bc7a3de5cebb5db6ac57b5ce9c368cd8a62b8461d4b8628f03b.exe
    "C:\Users\Admin\AppData\Local\Temp\6c3e15c6cef29bc7a3de5cebb5db6ac57b5ce9c368cd8a62b8461d4b8628f03b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2292

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          12de3c40c74b8fe418f0146f24cbdd1b

          SHA1

          5df6f0b8f509820d2886562a5c91775f44b38e0c

          SHA256

          6b608d9227fb9113920ead6c4135b997e4c5fb3bb49845c70bc8369e45c3393d

          SHA512

          f77fc31cb4c7a68947521a50a69d00a434d1d7f259758fabb42e52dedc37c04cd380a6e2b4a5f181cd6d70d29721abc61f4a4e1b9a05eca900bacd8af97aae1e

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          fd98166b938b15e447c2124161be98bd

          SHA1

          538ce9d2a863d4e98fb119b6e1338106b3289480

          SHA256

          1732c315d3af70f936c6b45783e39e685c24f6d698a6cdefb326c1887418ef31

          SHA512

          febafecc001ad196f86b28f3e831fec8cde2a936347bdc7b39761479bf9eb846c53b38c84512efe7976cdacb10100389ef571167d738ccef2f0d37ca9364b4fd

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb50BF.tmp
          Filesize

          143.1MB

          MD5

          036b2f7390449bf5e629e6b971341322

          SHA1

          e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

          SHA256

          37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

          SHA512

          75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb50BF.tmp
          Filesize

          143.1MB

          MD5

          036b2f7390449bf5e629e6b971341322

          SHA1

          e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

          SHA256

          37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

          SHA512

          75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

          Download Submit