Overview

overview

8

Static

static

3

329102326e...33.exe

windows7-x64

8

329102326e...33.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2024 10:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    329102326e20481e73b8feb887d621db140dc8729837937a8b3f4b02527c8833.exe

  • Size

    4.7MB

  • MD5

    8b884128cc6c069b6be8e498480b50cd

  • SHA1

    dd7d07d17604558cf254fbadcf2dd784ca22c4af

  • SHA256

    329102326e20481e73b8feb887d621db140dc8729837937a8b3f4b02527c8833

  • SHA512

    1f07ae8384aec4a37a0351c5fa2cb99540f60092b7f506c0940378d08898c3737626ce7eee3b98a3f0c7f157cc4d661e2db7fd2b783c2853780210f165034817

  • SSDEEP

    49152:dc2XwJXdAk1PBOldp9rEbjB/hKTYYd6zTaMubLmjVPU5+r5u8QeKxFOJxdb4vZKN:pXwJNf1pip9AbjBwsaMW6KdzOJDb4v+

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\329102326e20481e73b8feb887d621db140dc8729837937a8b3f4b02527c8833.exe
    "C:\Users\Admin\AppData\Local\Temp\329102326e20481e73b8feb887d621db140dc8729837937a8b3f4b02527c8833.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    6KB

    MD5

    9ef3860d40b465e67ec9dd4e48ebbd55

    SHA1

    762b3528f434d84da2f887309a721fd887fd0455

    SHA256

    87a5d38b5646e4695f360aedf3192a99459eddcd037892434c3f0587e370b268

    SHA512

    1b770db108134cb153e9574d8e94335d780428af6222a713a24f10aaecae2fb039c1f0745c7ee1add161778b460d1cf84245fce76f9d079f41c3602b858a468a

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    bec2d12a3f9b9374e9fa37357c00b5b8

    SHA1

    76e171e0391af21cdbc9bce7c07420d8ef3cf565

    SHA256

    55cd76237f97d34d1fab412b7bb8a6bb670bb84733f5d498239bc94d82125885

    SHA512

    081dbd11923f896d944288c02abbae796d00dce0a253a816389f496d38660519af185f88b5c1155b24fb7186f153a87fe85f4aee29dc8e91889a07534eda35d7

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb19A8.tmp
    Filesize

    9.1MB

    MD5

    59d00dd2742ac968fba188baa2d8589c

    SHA1

    ff0c6d4d129c80b98b3bd79847bde2cd77ed08f1

    SHA256

    26b03e39ea946d64ce330a35e1e777802c1a78506380eb5a660b333392bdaf58

    SHA512

    3c5ae51a0fcf81be46ca10a1076ecd418c9e6440fcf6fa15ec5a3690c5882b85b2865d99f0b5a4a7a794842c98ec3d696e967da1fa45fcd5d3c3d88eadd23121

    Download Submit

  • \Users\Admin\AppData\Local\Temp\yb19A8.tmp
    Filesize

    7.4MB

    MD5

    1d6bf3f9d8d09de52ccb94b7039f9ecc

    SHA1

    3e09557b072dd442c2a225f1ecb65d4f0c86deca

    SHA256

    10d43f5abcb6f8e579a96f9acd5db301a6cc9d5f5e2aff35ba55dcec0fa3c27a

    SHA512

    df6609d5a01669850ba93fb937897b8ad0757296276aecd30e8740d4b0980944b6482387535ce6b28e004e15ab84aa9b810c4bee38efb175b9a3be1e8a614795

    Download Submit