Overview

overview

8

Static

static

3

3e2e689003...bf.exe

windows7-x64

8

3e2e689003...bf.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    122s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    13/01/2024, 10:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3e2e68900315fcec7a93249b8868cb386044221adaed52bc99496512b9e7b8bf.exe

  • Size

    5.1MB

  • MD5

    01c999f199ce73330d0d6e1fd4ef169a

  • SHA1

    cd4c0643c4fdd13c443fb3e5573ab74ad8e0d731

  • SHA256

    3e2e68900315fcec7a93249b8868cb386044221adaed52bc99496512b9e7b8bf

  • SHA512

    ceda3e615c6d29a85f14d8cc754794626d259da89e6ea5b1cb5982f9e7a901d3772b9ad872f821d689f9989ed898579f6ce4f8c8bbf075cc6f89d5a5942d46fe

  • SSDEEP

    98304:8HenYKGxUcl3nT86Ytacv5Se1KdzOJDb4v+u:8Hr/YtacvuwN0v+u

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3e2e68900315fcec7a93249b8868cb386044221adaed52bc99496512b9e7b8bf.exe
    "C:\Users\Admin\AppData\Local\Temp\3e2e68900315fcec7a93249b8868cb386044221adaed52bc99496512b9e7b8bf.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2636

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
          Filesize

          4KB

          MD5

          3bf9441c1885ccc0b9485b43c98a046c

          SHA1

          af1ac07d5732809e81209fae7c0a32cab05636d6

          SHA256

          8170195b2cf4872c0cd7072c6aa209ef46fafa32abf61d3305dd3394e38433ef

          SHA512

          e9a0470ed7a5660818b3206715c4c882d135a7a61a180fc81e1f10b8bc1ba1d483ec54ef0d2f3de08e199e36dc2c214227e5533d39e2e9afd421ac4131d5f1ae

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Yandex\ui
          Filesize

          38B

          MD5

          5189e90a30e75c92fb3c619d337084ed

          SHA1

          97aa0ee4344f1d6398f60a121080e44706322e4d

          SHA256

          9c1cdd8335d4cad9aea772b0f04de7db15a0687216ed9a2218623715006750d0

          SHA512

          ed8d71118fd25f57affd650dca4e78943df585488062be6aaab3602c30aca8574e5cca4faeeee8a16ab232cd0fd1b07f3401696fb0fe8b634347ba5d3f1f8f84

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb5013.tmp
          Filesize

          6.3MB

          MD5

          08f2141e44005016bbc6e91807ecbd5f

          SHA1

          9f3ba803a1e2bc9dc28bcf722325e1c71e305a33

          SHA256

          b7e830ab0341ec38b0d54be1329f47584b5f295c49b8810e5b381139d7885707

          SHA512

          a4cbfe865ac64c711a2d4adbdcc214d195f2922198fe7cd32784f9338cd3619062c2a093d3fb245791534f5868b32aa1848013aa2d5a62984d57b6fb6832ec59

          Download Submit

        • \Users\Admin\AppData\Local\Temp\yb5013.tmp
          Filesize

          4.4MB

          MD5

          5bc0e33e794c446554d62f6377aad155

          SHA1

          7041bfc7dc188204a2b9ee815afb7fa172657e50

          SHA256

          14d44f1f5a04af06da6ac817f8899c44942b2d2c4cf2aab223652757b955ddf8

          SHA512

          5a0842075bfe6193e486db1bd1d1adc90640c19675475f8f3e1ed1b8c8fb92d8047a9c90d819efa801462ca39a8c59eefe5ae935074281912b94d41f06007fc3

          Download Submit