51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
02/11/2023, 04:36

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0.exe
Size

4.0MB
MD5

6fa39981f629ec9e9d003fce90e141bd
SHA1

ccc513bcab4e463e6efec2c2bbc642e64c16de7f
SHA256

51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0
SHA512

cf92320a53180af3ecf459b5b95e105db2f7fb70784cab4329712527b4de4e594c0aa2c420717bb3f17b5c92016f788f80e200f4c49d7f1a6fcd8f17be51a88d
SSDEEP

49152:3ub3nCuhEBygPHQK2FPzhhe3Y+r5u8QeKxFOJxdb4vZKVU:+b3CuhEcgYK2FoKdzOJDb4v+U

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
1928	51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0.exe
1928	51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1928	51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1928	51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0.exe

C:\Users\Admin\AppData\Local\Temp\51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0.exe
"C:\Users\Admin\AppData\Local\Temp\51926043301abacd27d482ec6f58cfa0cd6d77de6a547acb18fec4627a84a6b0.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
1KB

MD5
b1d830034386538326c26d8aa2ba287a

SHA1
3dd9ed36484a77fb80b75561b96c2db8fa6aa876

SHA256
8588ac1794dec61719b63e6a48864481a5724405191fd3e55bcec69751aa2c5e

SHA512
8ee8169507d2ebd9a5af8071eb15bf4f3965dbc30298b7d62f0eb3d1fbb92e2e7e1d812d0b58b1d03f0c4ab7ce74a500b2362e4e9cb623700af0f04cff9fbb58

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
5KB

MD5
b907f6e7bfcc99d55b0f7e631c745cbf

SHA1
703fb51ddba97684af8e01dab49a2895f7b37fc5

SHA256
d87ee9124f2a687ac538fdcce4c500e00b6abe26d3f15462fab50eee89b6cbc0

SHA512
371abfcef29e07e79aeaf42c6436ed31dba97837785f1f88f3e3bb23ddbd3e59ac37e9db33231d28e3cea6196669f8c09ee3b4b08b836bb1505d2b632ea9f965

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
5ee48be82aaec88cbb8543cda09b4a91

SHA1
e764e1326c9080c090d09210c2be60b32ab2f49e

SHA256
b080311764abf07d4907fe502d1d9a6aac1e2050fd73392bffbdfba87b44e255

SHA512
8bd47f1869b6c898a5b7abaf4ce1f10d1206f58da59a02a0cf5777495ae8818eb887875421c3ada9267447d426e14cd1aeef784e69616be73fa2418b248b6850

Download Submit
\Users\Admin\AppData\Local\Temp\yb4C5C.tmp

Filesize
155.1MB

MD5
3469020b81ad87c33bd9e36b3e3e6ba8

SHA1
008a1622d92eba3c935a8a068e7125e1c2fdd3c6

SHA256
8b3569d4f33acdee3884afe9ec30d6a91bacfafacf7f324371cfbc4fcaad1933

SHA512
c892acdde8b6b7269144702a6ae12f27d4c637cad4d6eff9dbdeba6f9ed656220922b088901daa835b7718e998623552d5d8af38a19e4322bbc07fb9af1d9ed9

Download Submit
\Users\Admin\AppData\Local\Temp\yb4C5C.tmp

Filesize
155.1MB

MD5
3469020b81ad87c33bd9e36b3e3e6ba8

SHA1
008a1622d92eba3c935a8a068e7125e1c2fdd3c6

SHA256
8b3569d4f33acdee3884afe9ec30d6a91bacfafacf7f324371cfbc4fcaad1933

SHA512
c892acdde8b6b7269144702a6ae12f27d4c637cad4d6eff9dbdeba6f9ed656220922b088901daa835b7718e998623552d5d8af38a19e4322bbc07fb9af1d9ed9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads