Overview

overview

8

Static

static

3

32f1ce16b9...79.exe

windows7-x64

8

32f1ce16b9...79.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    07-01-2024 08:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    32f1ce16b90001ba5e4692182013101a160c7fe1844697b98a96c4fc0f33d179.exe

  • Size

    4.3MB

  • MD5

    ea67243770b9269b3999e498b594dbbc

  • SHA1

    cb187f9b7b1873eb3a487451e72307c19e514a74

  • SHA256

    32f1ce16b90001ba5e4692182013101a160c7fe1844697b98a96c4fc0f33d179

  • SHA512

    2a899f8fdc9ac5adb24221ed35640745a575f073ad6ddae5727edd27ec61e7e7473436bceb0f1cd9314dd988d83bd312726b3f3b90ab095bd7b5f69d23bdca21

  • SSDEEP

    49152:qMLPIdiWU/o5LcUekfbj+whw5+r5u8QeKxFOJxdb4vZKVB:bLPIAN/nUeKbj+UFKdzOJDb4v+B

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\32f1ce16b90001ba5e4692182013101a160c7fe1844697b98a96c4fc0f33d179.exe
    "C:\Users\Admin\AppData\Local\Temp\32f1ce16b90001ba5e4692182013101a160c7fe1844697b98a96c4fc0f33d179.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    7KB

    MD5

    31000360c6ef06a623449ccfdb41884a

    SHA1

    3fb99db8843d3c917d1e6f18513b17c06b366906

    SHA256

    74cf4f011fb263e881525f416d59e538d905a1bd6531cf8c384a88697f7c285a

    SHA512

    0219e7598d084e920767bc0a16a1d82eebf32d4f53527a34a6eed9ce8d290ce531001f35861115d826f76be5964c004e112b30ea9eb31bcc618365a22c65f153

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    8c5cfe20422f90982e111e8a9a6c929c

    SHA1

    7453a7c25b76459850ec24fa21a71cdd2b297e85

    SHA256

    75c1496922c20e3200671d516547d3a90c7028c56ec034b6c3a5831bee1e027f

    SHA512

    58a2aaf4d6f0fdc586c97f09c5abacbfadc1e52fc81c3d3b31ba13e2f1d655bc57b1cf1124d6c6742d3f7204ee7e8828ce7a1c00ef30b73934a6e69f778edf62

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    815ca6898cd3e898728ed5455dedca13

    SHA1

    e177293cfff8761f48dc7fe3f50471c58e919e6a

    SHA256

    13a2a4779b7acfd19c9e03c69d0b959abc1d4d301bcdca15847967106297ccda

    SHA512

    bebeda024eee9e51a5e11f39df61a1c3a1a4765bad9b484d14ab336bcb39a8ae2a1e2cc52ab050574ba674215d23ec20a62cb7d55e2e19d22e6ed381fc4795f8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb690F.tmp
    Filesize

    152.8MB

    MD5

    8d4ce8804f4d6330cb29ffef513fcbfa

    SHA1

    a812630d4693f93940cf3569b8576c1639ec0582

    SHA256

    bfa12ffae9a2d37d7a1ca279d38876590e1d00c09f2c4dd0a226bcb4032eb82b

    SHA512

    9860a0897f3511ce39cd0f446e7f6ee54d8936786abb9502f666df2d543d2b69376a8b4aebfd3e0097a829417fcf18bcf0225cb017bf0949c75dc23984cca2fe

    Download Submit