f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0

Analysis

max time kernel
121s
max time network
124s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
22/09/2023, 10:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0.exe
Size

4.0MB
MD5

dd3d79e8421eaeee52586f317355a7d4
SHA1

81a778b21f8760c34b0b45bee755091434d06e4f
SHA256

f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0
SHA512

3a84501f3363b8b50d340bc32c5f4c09befd0737ccf340a56fe1a7e30c4583928f88c7ac3371999f812e690dea06e85b5b4ed8160381898794d5c9a8ec45fe1e
SSDEEP

49152:Q0N3IpkodZfdlTXKnB3nZduwP4oY+r5u8QeKxFOJxdb4vZKV:B3IfZfdJXKB3nZdhKdzOJDb4v+

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2064	f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0.exe
2064	f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2064	f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2064	f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0.exe

C:\Users\Admin\AppData\Local\Temp\f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0.exe
"C:\Users\Admin\AppData\Local\Temp\f5a522759725a6452b918176b163f9610eaed2e981f3eaecc06684ce27011ec0.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
1KB

MD5
95e6d40f65866945cef30dec9cc0a12c

SHA1
7504c1b099684fec72282b613cc9ffc05b6fee91

SHA256
846d18f9b78a00c93902e6af2c03794a7b91798134935a4b938de3786f122442

SHA512
1f8ab97beb9754dc2a38c9ffb856acb90d59a45ba465b0d738c2faa6fb8f234ca1424df92ae0231051e1fb458bfca37daf34450a6f9dad9de49de085e586a802

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
e85c20c5fd2a3513027859098a711f44

SHA1
5bf824685de707a437f11d3f57ea7568cde195dd

SHA256
900117a602f21d12f32727bb442b98095c98610653b88f955ef1de0a038b6f96

SHA512
ef6027a25015c200e59ebea244ec029883ecff1a910a795071921ced807c7672a17ce55034a26f3442d8063e6011531126568c608e9fdb572ff625965cd0a49b

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
1f4b488b33367786c622bb656e38a5ef

SHA1
2c8a1cb3cfcbe29e4fa4dd83855635d054855c84

SHA256
02648fffa576ec6726b08a699ebf34acd76c8b2cd3b7443632ef3bd4d9d72c92

SHA512
41ad22b270204e0f3c67d2db26e1de1f4a18c32ba55f6165bfd3e9ace70b99c021a73282226d317f10300602313878ea86ebc2202302ce9dce1bc6402cbf5732

Download Submit
\Users\Admin\AppData\Local\Temp\yb3765.tmp

Filesize
144.7MB

MD5
8c119145c9883d77d6fd9a465bab1147

SHA1
af73555d2db487872e354655915614154cf84b45

SHA256
72d17eeb0d34f72c3dd4e73a48ed6995baad23b07fde91a73c55be887e76905f

SHA512
b55de5da9ff4c7914bd14c0892533d7a7b30f4dd0f6ef93d49a3f45ded4aa408a8051124a2b4653e174d041adf111c09153cbe775448473f58c9660d95019795

Download Submit
\Users\Admin\AppData\Local\Temp\yb3765.tmp

Filesize
144.7MB

MD5
8c119145c9883d77d6fd9a465bab1147

SHA1
af73555d2db487872e354655915614154cf84b45

SHA256
72d17eeb0d34f72c3dd4e73a48ed6995baad23b07fde91a73c55be887e76905f

SHA512
b55de5da9ff4c7914bd14c0892533d7a7b30f4dd0f6ef93d49a3f45ded4aa408a8051124a2b4653e174d041adf111c09153cbe775448473f58c9660d95019795

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads