5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
04/10/2023, 08:48

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0.exe
Size

4.1MB
MD5

05cbf2864c3e8636272281a614048397
SHA1

1ba7e93b321444d6ca4da569dc09622a820bd7d2
SHA256

5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0
SHA512

202a945d776ca97ce4628d9de456758d1a1484e1cfa7e5d4d77576005233308bb291d321922bbc2619c8d131181f79059c89d5e9287cf59096ebc90cd61869ad
SSDEEP

49152:uJG1P05g+Wzi3n0txevRVyY+r5u8QeKxFOJxdb4vZKV:2G1c5g+Wm3n0tfKdzOJDb4v+

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2324	5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0.exe
2324	5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2324	5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2324	5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0.exe

C:\Users\Admin\AppData\Local\Temp\5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0.exe
"C:\Users\Admin\AppData\Local\Temp\5f3bb8c19f5730c0947035cdd486a9b4c3f516e48c84b05b0c713d3e726ea2d0.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
6KB

MD5
02558227f4bd5fca27d59233be9fc04d

SHA1
b791ad7078aeb221e77529073fad648c9d8b2a93

SHA256
2bf7eab85a387133a064da03da36ff124d8af082e25ea6e6a3e78a7ac9a70545

SHA512
f99cdfb04cecf8f0a5f15e2315f3803a11cd778c5de666e9a8fa52a8465ba53dbd6484656d4d215c4fd8ae67cf292d0978f9b8dbc12c36811c599e69ccfc31f6

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
1KB

MD5
ada536f9e8abe1328d5e48d58b9f1039

SHA1
b5f19963065788c306bda4a732b1c58549144b90

SHA256
04f2f20394b9cb252a2206a7538b6f984ae158c6f56401e44976221f87547780

SHA512
6c9758e025094d32ffcbba1c33e9576405ae0d4292fcfe67773e9749b475cf29728ebf4a3d5f9c17d37ac194b22c30af2190578a9eed018aeff94ae255743bb1

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
717cdb7e6fb1ed571f4b75b8b4587367

SHA1
ed05be3e54e2b7500de0c507bca3639703c1e5ef

SHA256
217db57e61370ba5971df027bef598569d5fee878892d9ff4459557f63363d6f

SHA512
e0ec392868af1569ef828ceeb3459521a80ede3ae0c6d5e1b5b2d84caf4e60f3507795f1412473fd1ce676824aa38b525ac4f577a1f8301b526137f91fcd8318

Download Submit
\Users\Admin\AppData\Local\Temp\yb4A1A.tmp

Filesize
140.4MB

MD5
4cb143fdad968165c2dbe48ba8950bb1

SHA1
cb0faa0650fba759a596663382cc6692dd8a727a

SHA256
4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

SHA512
a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

Download Submit
\Users\Admin\AppData\Local\Temp\yb4A1A.tmp

Filesize
140.4MB

MD5
4cb143fdad968165c2dbe48ba8950bb1

SHA1
cb0faa0650fba759a596663382cc6692dd8a727a

SHA256
4daab0bcf0af280b939c6b52df6d7b98bdad5d062b65fc4318e44f948f43103c

SHA512
a6613467737f9ad3a554a97e71053451eac5ba966550708b77b4b1ae1a0c1aab1845ff94563701a1ff1cad27cfef59d8f733838871d139c4599ae72a104ea821

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads