a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d

Analysis

max time kernel
118s
max time network
131s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13-10-2023 13:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d.exe
Size

4.6MB
MD5

80ab0067041ea9e091095329bd11d76c
SHA1

7780f386c7b560faf6a8f58a3baecdc3072c0b50
SHA256

a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d
SHA512

7a5cb4585b841f66fa54ebc2708c9f6108728d03cbd7cc964da328ddd780c6d91a3b5c372cc66dcaea91d002108f1836a667ca110241fcdebdf03ee45e8f9d77
SSDEEP

98304:6aVizMvkMUg3n5xmtDasmlKdzOJDb4v+:+MsR39wN0v+

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2840	a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d.exe
2840	a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2840	a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d.exe

C:\Users\Admin\AppData\Local\Temp\a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d.exe
"C:\Users\Admin\AppData\Local\Temp\a4e92c53240b53496e4790d9170b9ff4858accc50eaff2b028d78181457c338d.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:2840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Cab4D37.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
6KB

MD5
79af556e6c9e0fc70db9f342dc7c8e12

SHA1
dd35b52eaf4ef5046d05bf3cff8c7fafd6f30833

SHA256
b2d4438b2d5582b20075198b1d2fc41170a8aee975c3ce55309505109c9be50d

SHA512
7c22a28b17e68d469a6473aa22ac3ccaecde56f56193bb842d68a02ca730783269907ecff8a4927e1de464888983a0b80d1cf83fc7b528a527ada693a9b391ad

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
7a49ed986fc16ad321e0d72dec2d1c6d

SHA1
6d2a978e095b768215ccf9719b535f6c4a224f70

SHA256
b4c8e0ab97a55a48beff2da6b817f02ae0aa00e15f1db830acfed8f3913f02e2

SHA512
72294a74a53d85e5624e474d0aad16063974c88ce9a90324551e415fc805ce41b1e67cfa7a18606229d72ff57629491da8efebf6e55a03e954e437178fe5e57d

Download Submit
\Users\Admin\AppData\Local\Temp\yb4818.tmp

Filesize
143.1MB

MD5
036b2f7390449bf5e629e6b971341322

SHA1
e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

SHA256
37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

SHA512
75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

Download Submit
\Users\Admin\AppData\Local\Temp\yb4818.tmp

Filesize
143.1MB

MD5
036b2f7390449bf5e629e6b971341322

SHA1
e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

SHA256
37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

SHA512
75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads