7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9

Analysis

max time kernel
119s
max time network
128s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
03/09/2023, 11:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9.exe
Size

3.7MB
MD5

b471992c8d32dfbe29ec6f339560f6e7
SHA1

237e0b896473e1e449f87471142fe0b20a776888
SHA256

7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9
SHA512

d27c6065dc12d76b5cf0bda1099d0c3bded795b3e58523039fbf78b4eb2c833391eb0d7a8a6ad17c04b3af2265615072c74288819da3f0634e4b2077acf49e85
SSDEEP

49152:WhQ8lPzRnZp4y5C6mB0j4KTB+r5u8QeKxFOJxdb4vZKV8:SllLRnZp4yE6mdVKdzOJDb4v+8

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2148	7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9.exe
2148	7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2148	7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2148	7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9.exe

C:\Users\Admin\AppData\Local\Temp\7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9.exe
"C:\Users\Admin\AppData\Local\Temp\7f330a86a1394d0fe0034b57f1f4625e3852a4a430a0db49fdeed0e76ccb56f9.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
1KB

MD5
889fb0b9819866e27b2904090eec1920

SHA1
9c577e924742317f0c5f6bb1a8508690fe44bcaa

SHA256
ee612240948058bd82baeb8d0a9cbaf6a9ced66d1824b2bd1931d10f949a9df1

SHA512
bb456aa2e1b5f0a36f55314d1105f624cf33cbabc9297e7b3e64a32e6480ed11e75064efd8ba283ccef688f1d5d9479155b639f8a07d38efc79a2f52f58d691e

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
6KB

MD5
02be393ad83dd87eb188f89f67fda563

SHA1
b776fb40b9b38fdc2a91b7aa96a86896d9046beb

SHA256
4fdb7b79f66a31a6b66b86bcd175d885cbbe674a3bbe2cec47dcb61d2db3e434

SHA512
772a72691a17c727c40400cfa3972390ba538bba56ae69279d528dea32f98aa13b07eb03b019eda7254356e38e978b6bc43f8c91c274ddcdee2798ba00ee368d

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
d39d9c668efce6c82058260c294e49fc

SHA1
22c2147c06588e75810d3f60c600d75e5b7382de

SHA256
7c62f5cf981b5a683cdbb5b9566c553cfaeaf4b2a3e92f56bc754d668d4b9668

SHA512
47272b56216381d7c1b45b246179ec370aed45a09b21efbd6a6237e2a7519c46ed03f1b8dee013dccb7fc2198f9315187e4d6c0537eaef717d422e30e5facbb5

Download Submit
\Users\Admin\AppData\Local\Temp\yb83EF.tmp

Filesize
143.5MB

MD5
57d1ad0cd26b7e6c8b8c8207b4f5d640

SHA1
f0c826dbdff06d6e14c23876f6331fea2ff8c054

SHA256
8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

SHA512
e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

Download Submit
\Users\Admin\AppData\Local\Temp\yb83EF.tmp

Filesize
143.5MB

MD5
57d1ad0cd26b7e6c8b8c8207b4f5d640

SHA1
f0c826dbdff06d6e14c23876f6331fea2ff8c054

SHA256
8e5650e96c899074fd85714ac9acf04f517737f952aed0a1d1a3596cf4d3c4a8

SHA512
e6e0f0005123e7bff7e309a5112607b501861ac94cead777f74cd8a830331f28c86200854593909958aa0a45f70304143ea555d97f5c59cfce96fe1aaa789ca9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads