c481396f3c2527ff736d7c47c19603c06baea30f6128e2c0ed1732fab41f779f

General

Target

NTLite.exe
Size

8.3MB
MD5

cca72a4a4fd0dc2c2d8cec4ad740cc20
SHA1

1f94e470ea19d97ad6b730192e5ccfaa129d76bd
SHA256

c481396f3c2527ff736d7c47c19603c06baea30f6128e2c0ed1732fab41f779f
SHA512

28f002e5f244800751bb51a0450601a82b37e52623740302763eb8232ee6dcd48daf4052fcd5c283cd31cd0bc76536c88e8607fd975e8d220d0f0445fabb3d16
SSDEEP

196608:2qZXXEYRW/H0hbcsv23ouHCRZ5MRyM3NzM0zbEJV7dI2x:2qpEYsCcw23ouH+ZKzKV7+e

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes:

NTLite.exe

pid process

1152 NTLite.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

NTLite.exe

pid process

1152 NTLite.exe

pid	process
1152	NTLite.exe

pid	process
1152	NTLite.exe

C:\Users\Admin\AppData\Local\Temp\NTLite.exe
"C:\Users\Admin\AppData\Local\Temp\NTLite.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:1152

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1152-54-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-55-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-56-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-57-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-58-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-60-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-61-0x0000000001C80000-0x0000000001E93000-memory.dmp

Filesize
2.1MB

Download
memory/1152-62-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-63-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-64-0x0000000001C80000-0x0000000001E93000-memory.dmp

Filesize
2.1MB

Download
memory/1152-65-0x0000000001C80000-0x0000000001E93000-memory.dmp

Filesize
2.1MB

Download
memory/1152-69-0x000007FEFEDE0000-0x000007FEFEE7F000-memory.dmp

Filesize
636KB

Download
memory/1152-70-0x000007FEFED00000-0x000007FEFEDDB000-memory.dmp

Filesize
876KB

Download
memory/1152-71-0x000007FEFA120000-0x000007FEFA191000-memory.dmp

Filesize
452KB

Download
memory/1152-72-0x000007FEFDA20000-0x000007FEFDB4D000-memory.dmp

Filesize
1.2MB

Download
memory/1152-73-0x0000000076AC0000-0x0000000076BDF000-memory.dmp

Filesize
1.1MB

Download
memory/1152-74-0x000007FEFCD10000-0x000007FEFCD7C000-memory.dmp

Filesize
432KB

Download
memory/1152-75-0x000007FEFA5B0000-0x000007FEFA5D7000-memory.dmp

Filesize
156KB

Download
memory/1152-76-0x000007FEFCD90000-0x000007FEFCDC6000-memory.dmp

Filesize
216KB

Download
memory/1152-77-0x000007FEFEE80000-0x000007FEFEEE7000-memory.dmp

Filesize
412KB

Download
memory/1152-78-0x0000000076BE0000-0x0000000076CDA000-memory.dmp

Filesize
1000KB

Download
memory/1152-79-0x000007FEFE9F0000-0x000007FEFEAC7000-memory.dmp

Filesize
860KB

Download
memory/1152-80-0x000007FEFCE90000-0x000007FEFCEAA000-memory.dmp

Filesize
104KB

Download
memory/1152-81-0x000007FEFD840000-0x000007FEFDA17000-memory.dmp

Filesize
1.8MB

Download
memory/1152-82-0x000007FEFC4A0000-0x000007FEFC4EE000-memory.dmp

Filesize
312KB

Download
memory/1152-83-0x000007FEFD750000-0x000007FEFD7C1000-memory.dmp

Filesize
452KB

Download
memory/1152-84-0x000007FEFEAF0000-0x000007FEFECF3000-memory.dmp

Filesize
2.0MB

Download
memory/1152-85-0x000007FEF6C60000-0x000007FEF6C93000-memory.dmp

Filesize
204KB

Download
memory/1152-86-0x000007FEF6BD0000-0x000007FEF6C24000-memory.dmp

Filesize
336KB

Download
memory/1152-87-0x000007FEFB130000-0x000007FEFB345000-memory.dmp

Filesize
2.1MB

Download
memory/1152-88-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-91-0x0000000076AC0000-0x0000000076BDF000-memory.dmp

Filesize
1.1MB

Download
memory/1152-90-0x0000000076CE0000-0x0000000076E89000-memory.dmp

Filesize
1.7MB

Download
memory/1152-89-0x000007FEF6CF0000-0x000007FEF6D2B000-memory.dmp

Filesize
236KB

Download
memory/1152-92-0x000007FEFCD10000-0x000007FEFCD7C000-memory.dmp

Filesize
432KB

Download
memory/1152-104-0x000007FEFD830000-0x000007FEFD838000-memory.dmp

Filesize
32KB

Download
memory/1152-105-0x000007FEFA6C0000-0x000007FEFA6CB000-memory.dmp

Filesize
44KB

Download
memory/1152-111-0x000007FEFCB30000-0x000007FEFCB3F000-memory.dmp

Filesize
60KB

Download
memory/1152-112-0x000007FEFADE0000-0x000007FEFADE7000-memory.dmp

Filesize
28KB

Download
memory/1152-113-0x000007FEF6C30000-0x000007FEF6C53000-memory.dmp

Filesize
140KB

Download
memory/1152-94-0x000007FEFCBA0000-0x000007FEFCD07000-memory.dmp

Filesize
1.4MB

Download
memory/1152-116-0x0000000002610000-0x0000000002619000-memory.dmp

Filesize
36KB

Download
memory/1152-117-0x000007FEFCEC0000-0x000007FEFCF12000-memory.dmp

Filesize
328KB

Download
memory/1152-118-0x000007FEFAF20000-0x000007FEFAF4D000-memory.dmp

Filesize
180KB

Download
memory/1152-121-0x0000000140000000-0x000000014112F000-memory.dmp

Filesize
17.2MB

Download
memory/1152-122-0x0000000076CE0000-0x0000000076E89000-memory.dmp

Filesize
1.7MB

Download
memory/1152-123-0x0000000076AC0000-0x0000000076BDF000-memory.dmp

Filesize
1.1MB

Download
memory/1152-153-0x0000000001C80000-0x0000000001E93000-memory.dmp

Filesize
2.1MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads