Overview

overview

8

Static

static

3

3e16723f4f...dc.exe

windows7-x64

8

3e16723f4f...dc.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    136s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05-01-2024 16:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3e16723f4ffebb29b54551678daa719ecf9d683f90b935d0d741606149dd75dc.exe

  • Size

    5.1MB

  • MD5

    5abb01e9eb3dfc01b82e0257f9838304

  • SHA1

    6200de8781751776b5bb93d60b889b71838e2e30

  • SHA256

    3e16723f4ffebb29b54551678daa719ecf9d683f90b935d0d741606149dd75dc

  • SHA512

    9130ad4737f68400c3effaf2ea3bafa1a0a165a25d4bd18b96b65b26cd6eaa4473172e1b8c0cd28a37f88f787dedf0268f2cab0b349ef96fad68238faa3310b4

  • SSDEEP

    98304:8HenYKGxUcl3nT86Ytacv5Se1KdzOJDb4v+u:8Hr/YtacvuwN0v+u

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3e16723f4ffebb29b54551678daa719ecf9d683f90b935d0d741606149dd75dc.exe
    "C:\Users\Admin\AppData\Local\Temp\3e16723f4ffebb29b54551678daa719ecf9d683f90b935d0d741606149dd75dc.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    4543395b8af81aea28d1d5bb9e32a796

    SHA1

    a0fa54c6abb8763058fa9a8128f936911e41e19a

    SHA256

    4ee23b8aadc3f02ff664190269868d29bfe55d68fe22acf05ff7ccb2c62c6923

    SHA512

    be189fab3d9d0101cc396ad92fbc114b7bb53048aafc370d88d9b8cf5f52c5a1f949c119559734e2654b780e1e91296fd7c926486cbb30a994a262474111df5b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    86f01f876d6e8cb960fb836523757361

    SHA1

    5c54f4a0ce331f5511ec20d0095018c6a93e7dfd

    SHA256

    9a0cd2d91aa0ae6f7ee79fb7234164df0603287f3a016f255c3ce9e51977730f

    SHA512

    75decfc9dde244382961710e3e8b218439adec9afe1c731435fbe923ae80e8257ef00e9b4782521f650d141368510f3a43342a862614eb5ca60560c61bf6e86d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8353.tmp
    Filesize

    2.1MB

    MD5

    7bfd43aa8e2dce02944ea95f4cf0165e

    SHA1

    3d724d219af77849448541974fed721069066b0d

    SHA256

    0411f105ddf75953b004ea84f92b510fe51f859b3c6e90e8fba6aa6483ce0c13

    SHA512

    909a2ac4e9ddb11b267a56e96ca705d43f5d65a87ea82a6b3f2da3347c9aeec09fd02258403c53c46855a6296812e5985ef0b5b3d578f7f153c1c261ee9d5d1f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb8353.tmp
    Filesize

    2.4MB

    MD5

    f46b5c4673a5f6f55d64b51b82f8f3db

    SHA1

    cf20797ddbdbc8ebbab871f613817a4d12237994

    SHA256

    a3f5e424f741fa7896bba4ceca47a8a7e81f35c8e4b03c2bd74157b38d9ebbcf

    SHA512

    156c0714915747e5d0113ee8cda0203ea19fbd90b10b22924dc089551f1fd02d2999ae19fa867baef053268d2fb6258b4e628efeb1a3013d675ab1262118d3f6

    Download Submit