870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c

Analysis

max time kernel
119s
max time network
128s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13-10-2023 15:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c.exe
Size

4.6MB
MD5

595b1b0f4b5e4f4acf2ac978332e7e2e
SHA1

c2cda4b6d6b637e1e8b465c862d06bcd36bd47ac
SHA256

870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c
SHA512

ad16b2d0cf4db9dc0595725e889b868f04e62dc3e76521f8ccfbe0d7d13cd3035078ef14d5b11b34bfd81c276604ef47facdf2cb6cf61919d95aba37df1621c8
SSDEEP

98304:6aVizMvkMUg3n5xmtDasmlKdzOJDb4v+:+MsR39wN0v+

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
1596	870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c.exe
1596	870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1596	870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c.exe

C:\Users\Admin\AppData\Local\Temp\870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c.exe
"C:\Users\Admin\AppData\Local\Temp\870128fd4ee1b160c4c62024dd1ccf5ac379eb07ff377f62f24ce1b31d02b63c.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:1596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
1KB

MD5
d53e60bb91d8f6ca734c89025d4d891c

SHA1
a3307ac562bda2f682a5f261415f905c95f6458f

SHA256
f0fd64e6e1ed14c585697cef5fdb7e7a9a331440df30596b868d11aa02557ad7

SHA512
c56bcffbd8de2cb19c58aef22dff183b90cd5482ebaaf08bdabd95e86df5abf7c52e8969c4d455cf227676eb4216682d73670cb8617d5788915d7ec70e23616c

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
d1ec6db15211dcf3daf3e3a0ade81964

SHA1
44e4ce9bd26df43118d58c6c7f072d4dc251d17f

SHA256
e0822f883c8f71375fa091788988d7879253e58cbed092f55f55957b1f367ecd

SHA512
463fc85f6818c46722f5e083eafbf1b9d64dd1c4d08704d5fdfed9663aa77ab1e37feaa6668840ac750a304f2c96bf375a0c32542ead6e9b8e2cfd6f6e3dd472

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
808ad1e242e8cd67a00dd6fc66f2d18e

SHA1
8239cf16a9d0f3684c28152ee98e111774bead59

SHA256
5fbf13ec1d9f229b8ad3e28a0ffe15ec559220cb0fcfca33f8334c1bd74d9442

SHA512
c1aba13cf62f83561d27f4ce514e0fec7636b757d8b6b3b2af46fddfc25172f0f588fbf61d7f72dcce92386c8c3421c49b47686d426ee86f3cf4c9582397b159

Download Submit
\Users\Admin\AppData\Local\Temp\yb44DD.tmp

Filesize
143.1MB

MD5
036b2f7390449bf5e629e6b971341322

SHA1
e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

SHA256
37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

SHA512
75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

Download Submit
\Users\Admin\AppData\Local\Temp\yb44DD.tmp

Filesize
143.1MB

MD5
036b2f7390449bf5e629e6b971341322

SHA1
e18a2c46baafa9d42a976e4e7113bb6674cfb5d3

SHA256
37bd0d324c8b6d88c2ceb9d134af62d8142bab4189402767429e325801bc79dd

SHA512
75639c212f834d6c7a527706e9567ceea4e00dd080f21bc97cfd5e9e7ae7fff097c47f653023db50eb550779f3f8ce069fb4df7435780b58493cc75fb0fc8887

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads