Overview

overview

8

Static

static

3

3aee1ac755...23.exe

windows7-x64

8

3aee1ac755...23.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    13/11/2023, 19:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3aee1ac7557f5ef9ebad038a00b88a74e79eaf0a7f3816b600a39e848a84cb23.exe

  • Size

    4.1MB

  • MD5

    77309b4e82c5546b144b3f4f389ad344

  • SHA1

    bd05abf3b90b18101be87c01e3bdc7216233cd8f

  • SHA256

    3aee1ac7557f5ef9ebad038a00b88a74e79eaf0a7f3816b600a39e848a84cb23

  • SHA512

    685f55424983fb0ddd2f39fe9723fa15029a5c1ca5bb3d346e550a78b1e83b961efd3066984864b692351b18194136ff97176eea99784f738cb6cf8e2aad75cf

  • SSDEEP

    49152:Wb2XfWHdZ8BhE7K2dEj9GY+r5u8QeKxFOJxdb4vZKVe:U2XeHdZChmK2dZKdzOJDb4v+e

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3aee1ac7557f5ef9ebad038a00b88a74e79eaf0a7f3816b600a39e848a84cb23.exe
    "C:\Users\Admin\AppData\Local\Temp\3aee1ac7557f5ef9ebad038a00b88a74e79eaf0a7f3816b600a39e848a84cb23.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    bc27b79f6ce5542b1a7b11fd6271ff1f

    SHA1

    4dd55ee730569e1797864a8f0a12f0d52eae8454

    SHA256

    4096c93e28df640cb78fceed239569c51ba07ef38eea415e529c0fc3bba78592

    SHA512

    0c65d0f25ad82c6a62eedfde4a7324db2b0cf026e6a3bab1803eda14aca3c6321ba87ec13b8e3e3cbe5a47327f6bdd7b8ec95ffeb7c71d494d6cc538fdb53443

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    2cfa5d6efa225cd22c1c43bd99de9033

    SHA1

    7d1ced64bc6c79afd4d596c5311446c650cfc796

    SHA256

    2dad09319e5d4a58a9ba62ba9b6c75aa1b5c62bda73b559c09955f4b792bf143

    SHA512

    14f7f3c6c4826e29438dbd31cfbdc3381dffb74b6b00c5810051d751f2d17f6c945ac9800e0a4e1d0964162b71b895697273cf287bc9bfb716c051e3faa234f7

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    570d9e54d1a40359c0d2f09a9b6ec88d

    SHA1

    7f88c08cc40fad1b8c9f57991bfcbff63a5dca2d

    SHA256

    c2ea512ab8c0afbae59c5e08c8848eecfa8e8bc9844956745e02ce172bc86b12

    SHA512

    06783adb2fd6087278ce731fe3849ef03e4e3ab1bc8a2e69e8c123a9816eca4d9f0d27b860ad5de727c0a93c98bdcc42156d54c1ff6f215df00d9efb0fad4a64

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3EF4.tmp
    Filesize

    155.2MB

    MD5

    bff5e7499c471625725a2e6c81949d39

    SHA1

    c4f57b4c59e1c3353936fbb7403335aee65d8451

    SHA256

    a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

    SHA512

    09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb3EF4.tmp
    Filesize

    155.2MB

    MD5

    bff5e7499c471625725a2e6c81949d39

    SHA1

    c4f57b4c59e1c3353936fbb7403335aee65d8451

    SHA256

    a3fcea5933dc50cc1186bd28969a562b56af0f543b0f22eb8fd23e686dd29796

    SHA512

    09c3a8a7d33adfd35a74526ae9c3e015139070a44aa70632e1b578938699f0b6b45038feadcdb9455607ea68237d90bd9b6b6548ba24de0447a438184942d8cc

    Download Submit