fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c

Analysis

max time kernel
117s
max time network
124s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
02/09/2023, 17:22

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c.exe
Size

3.7MB
MD5

5624dfeaa97a66e7b03559b3921b962e
SHA1

925c48aea345357e75dc39156590d664db1d8d76
SHA256

fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c
SHA512

2ebc128cefc02d70e4dcd074e439b92de40ac3297a31c5f2a2232784f04316017fd54ff5c69455c2c57f533977b0fbaf2840d84f14f014604cfddbfdd0225dd6
SSDEEP

49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2412	fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c.exe
2412	fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2412	fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2412	fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c.exe

C:\Users\Admin\AppData\Local\Temp\fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c.exe
"C:\Users\Admin\AppData\Local\Temp\fb316de133d819a2aea90a4cc12e1fb93448d50c6e6b275068e00ae9ab024b0c.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Cab46D1.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
0d9a970cb62c77e601f840798182f443

SHA1
b212379b0f435627675f87eed22a2faeb6270d9b

SHA256
5a3d97de093fe97b1091f1544aaa279330ef6cae90cfd5223eba909d2a5ba78e

SHA512
7329a5f015fcc5dd4a8fedb6060fe5edabe284b134bf6207e9b899c4d8649e7769e2f2916ffd7f9a63b92690decc2b5263ab60d551cf5f75cdd0e8ab53d43aed

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
5a5445bc692a9ea5e6e7fc073776ea0c

SHA1
5ab1ca46dc8c032f320710762a474895f561b7c6

SHA256
77fc2afe73a85030948b654bb62e145e6b2c88c2b9532a2c2b55026789b6f284

SHA512
898d74a096bd2465e8d0742ab5c0a4393f174f64a07601ed69813e286c73dd1afe348e50dfd73f3a6c09ae5e6963636406872426a34195339fd48456723e0149

Download Submit
\Users\Admin\AppData\Local\Temp\yb4357.tmp

Filesize
143.5MB

MD5
57d1ad0cd26b7e6c8b8c8207b4f5d640

SHA1
f0c826dbdff06d6e14c23876f6331fea2ff8c054

SHA256
8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

SHA512
e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

Download Submit
\Users\Admin\AppData\Local\Temp\yb4357.tmp

Filesize
143.5MB

MD5
57d1ad0cd26b7e6c8b8c8207b4f5d640

SHA1
f0c826dbdff06d6e14c23876f6331fea2ff8c054

SHA256
8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

SHA512
e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads