Overview

overview

8

Static

static

3

3c49ffb9a0...a0.exe

windows7-x64

8

3c49ffb9a0...a0.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    02/01/2024, 13:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3c49ffb9a007d77bddc562528fe7ff75813e501345c608e553b6f0f4eeba97a0.exe

  • Size

    5.0MB

  • MD5

    55b4580409568a7f4da0af2bbcd4e24f

  • SHA1

    f3d24b71532bffad92449a00cd8c71c16e3f6114

  • SHA256

    3c49ffb9a007d77bddc562528fe7ff75813e501345c608e553b6f0f4eeba97a0

  • SHA512

    8ae468a47b5cbb9b72395657d28efb926fc357a31455bd953fcd3e4375cb07208399766ff7ccf8ce60ecd764f8726e40ab697621a7f7fd7036fbe4ced1a7c5af

  • SSDEEP

    98304:zgu9llk/yHwNf3n48LYtQMKFfikjKdzOJDb4v+6Y:rllz0Yt506LwN0v+6Y

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c49ffb9a007d77bddc562528fe7ff75813e501345c608e553b6f0f4eeba97a0.exe
    "C:\Users\Admin\AppData\Local\Temp\3c49ffb9a007d77bddc562528fe7ff75813e501345c608e553b6f0f4eeba97a0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2672

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          1KB

          MD5

          bbce8d36794c41fa1af23f6b4559cc27

          SHA1

          bd0643a83bfc1fcec63fe515b0c4e23c7e6f2f3e

          SHA256

          4d90b75207dee6d017f46308bd64b9d68fa82c870491a92acbfea2faddab920f

          SHA512

          04ba7f9c9d465e75b5f9fcefa41ff7cc98e5e8a43ae1ff1b9da6cdce6994f48187436bedab8917ae86b6559ee6321f87d776749e29d27dcfe34612dbe6588c9a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          3KB

          MD5

          4ce464aab8fe1442c981713e00b40607

          SHA1

          506c35f4d7b88f3cdc0c2f0e08eb3b9b99e43244

          SHA256

          e573406cc6d4f7df8ec05b8acabf16c7fdddf908d0333a46635500ea6da58e08

          SHA512

          7ed4fed12b2a4047c9f496f74c952fbd57b1e7df33eca82765873197bbe85df894eb246494b187f113039daf6f2a0995946089c8d930ec4290b9abc97144264e

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          33ad7317e4c02a00974b100a21bbce14

          SHA1

          847ff5b5258691ae73512d591dceea4ff5b9d450

          SHA256

          e3df6065b6a105beee3d0214f87064b2584cce217e849404ba72feb88b4cd456

          SHA512

          18f28212795f0abd4e2cdbb7a4a431a18b2624e53d5872054d8271ca4943f564772f50aa289ec8706f5c4b6c4d621bfd4897b1f32a7a3ed6cc46ebad9b97f800

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          cde464eaa3fb6ae7f66686f333ac33a2

          SHA1

          25ecb2218e42462ef488fc234e4e71c499422a04

          SHA256

          bef0c917ecccb4d793611b9728333a6c9ee96e0ba2cec3949ef94325ac8db3a1

          SHA512

          f1e8646df50d0a71fd9fbc6659f7259a1a8de9b6b99e09b7601278394b9749c5aad54f83c58bdcbfb8ea720b507b50ad32c7cd979da2561ca63c6df1b0d2d9fb

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb39F4.tmp
          Filesize

          106KB

          MD5

          7c4c285f37ea2c9d572b0a1bb8fbd694

          SHA1

          b8c51c3b6ab583011c09e709fb2ff3c6f4a0208b

          SHA256

          27f7117c2dedf19a03b7133dddb64935babef84ad5b558344c04a27be5bd95ab

          SHA512

          ed320d251a8b65ca3f1aa7a8b43cc386b507e1539b04567a83bdc931d4945c487bd74890a3ad45523a44b2b84dadd6179355ef3f2237f37faba7f3c1828295a8

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb39F4.tmp
          Filesize

          80KB

          MD5

          fd42538123b30f8cccf1d3b8e2830cee

          SHA1

          b36284844cfccada24ca12f55af694dedde977be

          SHA256

          0c6ccadacfa6a8698d6971e2badb9dcd9080ee7e1f541592d0a2e59791f888df

          SHA512

          0ee71be1c602dbce6ff945e9a1665001a7c0fdecf8fb6b2c15e8f54ac842e70e3e800e29bfd0da521f9790770ab3fa73216d78b013d8cc953af6d082f1231086

          Download Submit