ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
18/08/2023, 16:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642.exe
Size

4.5MB
MD5

88465d0f1ef03b5dbc96da6e5c44e42e
SHA1

deae1326ef33d859da771801564e4e63cdbf497a
SHA256

ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642
SHA512

b6d70611b6643f8455c6330510137284ffa00be68ab6ddcd8bc3f52acc226ca8f0d2f599cc9d3f512b435a706b560ef7de0cc81dbec025fe4ab28dc1d5f24fff
SSDEEP

98304:ZOLHzIDtxDSK2Qi26im50OORKdzOJDb4v+:qym50OlwN0v+

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
864	ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642.exe
864	ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
864	ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
864	ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642.exe

C:\Users\Admin\AppData\Local\Temp\ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642.exe
"C:\Users\Admin\AppData\Local\Temp\ad0342ea5cd3640209c3674f81693a17b095fd1342966e50ec4d1a74be5c1642.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Cab9040.tmp

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
2KB

MD5
31e1979a6382b46f9584efb4507d4c3a

SHA1
5ca2b015c7aee64bc7e2ea579115bd49c6683f0d

SHA256
24225c2ad6ed34886162d1fe9b892003f2dd8cba93beed49597c30b7b371805d

SHA512
5d09ed1b1bf554c23cc0e71b3c139ac69f2ab3aa19e476b4b6c5e156ad775f2a8eaa536c6417a90e9af5a30888ab298711f8ba123f24c1effe132c1e6d412db9

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
5KB

MD5
afdf564c26c5217a27177cee29b2524b

SHA1
8f0b68ad3a323dafad437b93af4cb5c6246d2983

SHA256
3218b4e2bc0afb106b8994eb15661a86585fe6979fa80351b09b8c45cb119349

SHA512
c65b85c85e990abf8160b4f37aaf1efc9cf359526351fa0780e16af2e09e4f0481fa7052570212afa73b376d951d4896af794c622a68a17f618f3ae04fe10eb8

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
8cf4e4da38ebbcad8d6017e3363a54b6

SHA1
fcb82319f6733697c87328f21d713e9205be274b

SHA256
cce9efda946feec869bcdfb9a536f935c4a83928fcf7feeedc89a1b1eb36e85a

SHA512
89d40db32ec057eb6099045e13d0993ffc20782fd918e76e7e8faa862b0ddebcf1e066c1d8b78a792147751e53bd115b66e69c79e16d66dd20775615bf399401

Download Submit
\Users\Admin\AppData\Local\Temp\yb8C39.tmp

Filesize
129.8MB

MD5
51a534ddfddb68c31a1ba04aa86d5e6d

SHA1
25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

SHA256
c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

SHA512
1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

Download Submit
\Users\Admin\AppData\Local\Temp\yb8C39.tmp

Filesize
129.8MB

MD5
51a534ddfddb68c31a1ba04aa86d5e6d

SHA1
25a12cdb763d5cde3d7cfc2717c84a9c9e99c130

SHA256
c54ee5e9df39d78f2cd3fd6881e420e6d56c317b1aabf869686c6c40f9981b71

SHA512
1f206ad90ed780f65431068da1287dd2201fc5610bda669d3eaaecae48a85d1abd995ca32a6178c7ae1190c552c1eb328f44e0c0fe9cec4099f6f2fcf69b5548

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads