129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac

Analysis

max time kernel
122s
max time network
129s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
03/10/2023, 15:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac.exe
Size

6.2MB
MD5

e95ed3b5b9295126b6cf95dc46ccd43b
SHA1

00427a5b36899a731af29df50a0939a4796e237c
SHA256

129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac
SHA512

e11ac3b940af5b374f09dbcebb70f2c7161138b0aad50c3024de426437679e0eada0e36fbafaa9d9bde08d1efe210bf0d9ccd86f8ce40f15a38640d515bcd145
SSDEEP

98304:TwdXBZ2/5fbjORDfIOXo55uwHruHhuDloKdzOJDb4v+2h:ikALY5zruHmJwN0v+

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
1680	129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac.exe
1680	129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1680	129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1680	129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac.exe

C:\Users\Admin\AppData\Local\Temp\129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac.exe
"C:\Users\Admin\AppData\Local\Temp\129682b894986bcd3e9b8f8022e4536aafd70814477e636c7c5c496a3603f9ac.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1680

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
3KB

MD5
1b323f12a783d7b656f016635cc6ed91

SHA1
bc175aaf4218dec04a65813b130f928d8bb5d372

SHA256
5e47d31f0b200c2b14c4808e1b4a4c7dcc702ac5bcb5be1c2952e551ef4ac156

SHA512
5471186c09f5c45ad4fa98174b9835f4bfd3dcbe3b73b8846840aa124610884d103185a6b37ff07ca7accc086cd31222a66c219d641032160911ebe91f852e57

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
d1b245512642883e71959732c39dfc3e

SHA1
92ce1cc3ffc9fcce472960b4e80d509e84c806d0

SHA256
dc4c5e545ef13d36564fb809435fa8119a768afe8db7a493f9a541aa7407316d

SHA512
3cc559255f1d68b2b3179b4471e25f0309f1ffe899aade051eec187fc7e9dc55c8d62721c814d8fe3f4e6f275bb2377d205be0d577ee25c2467db2f0058cc220

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
6KB

MD5
2b80033bd0680663003aa16c9ceb00bf

SHA1
9b96a8e609443a3d808be78265387444f748568c

SHA256
9b93537b4b2b4cd370d7f3605404b8e71a7479c6e9499e26feb19b2b8dcdbd90

SHA512
0078a55ac6f630f9203e53239a71f873782ea79508b40030d24a351654dc040c87e2f5cbd614fe193c923796cdaecc6230c3ddc71123d2027c12de5dd26bd08f

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
5dc541c518ff5fe63dbf4028981707fc

SHA1
ce1002fd5f9c6886f41be819b2521177f8cb089d

SHA256
17ca7da649c5e220b60b9aa2b87381082224ad82c5a4077e0b0654db6619e5e4

SHA512
42f573fdbed79ecb2b062811ed424a956c0910b1f8ef1f85eaecb345008c5f5506def90d3ea6280ba1cd38cee35ee6b1c42c5ca1ae8ce5f8d0321131ff8124c3

Download Submit
\Users\Admin\AppData\Local\Temp\yb8F35.tmp

Filesize
140.4MB

MD5
4cb143fdad968165c2dbe48ba8950bb1

SHA1
cb0faa0650fba759a596663382cc6692dd8a727a

SHA256
4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

SHA512
a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

Download Submit
\Users\Admin\AppData\Local\Temp\yb8F35.tmp

Filesize
140.4MB

MD5
4cb143fdad968165c2dbe48ba8950bb1

SHA1
cb0faa0650fba759a596663382cc6692dd8a727a

SHA256
4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

SHA512
a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads