58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20231025-en
resource tags

arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
submitted
24/11/2023, 03:04

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd.exe
Size

4.1MB
MD5

364c3ba590f332d9c3e12b3bdd449581
SHA1

1498952077ac13a5408457596d9579b61a9ea8e3
SHA256

58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd
SHA512

e525842c63919ff47a071b8cec6f479f8a73bd2b2ad9614b68477aa3cd6050a1fcd98ba2725ddfc0636976717370e7ad43b3e32054be0f4d60aedfaf0f8de1ea
SSDEEP

49152:Mb2XfWHdZ8BhE7K2dMaNpY+r5u8QeKxFOJxdb4vZKVg:q2XeHdZChmK2dRKdzOJDb4v+g

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Loads dropped DLL 2 IoCs

pid	Process
2280	58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd.exe
2280	58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2280	58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2280	58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd.exe

C:\Users\Admin\AppData\Local\Temp\58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd.exe
"C:\Users\Admin\AppData\Local\Temp\58b9e9bfe2cbaa3a8ff1aa0151348bc05da7ad861b52536ed11e0c5f468f79bd.exe"
1⤵
- Loads dropped DLL
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\Cab3BEA.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\lite_installer.log

Filesize
4KB

MD5
809ba750a1a6fc06199269501c502baf

SHA1
840212d8092cbdd207f44fa1667b1c34a9acd71b

SHA256
ffd3342ede852f135a89373c7143f485a444797ffb033d6d0ad82cd07b57988c

SHA512
9f808b5153c417cc3008c933d3d1647dfd835fdce59f0a6d899ec22fe6e78330b83e171827999a287da83cdfcacff50c0f7d611901ab0b9cf6cdff4631f48f40

Download Submit
C:\Users\Admin\AppData\Roaming\Yandex\ui

Filesize
38B

MD5
4845e084aea856af621a349d5229aedb

SHA1
231e9a703f139305610acbd2bfc72fa0af2957bb

SHA256
acf464f2df51e1341a05b4e1a47eec005d76e01ce55d2245b01c77522cb1025f

SHA512
3483acd6e0972ab018798e3caa2249af8f0d02b05b69a6275ecb039f4c0a8418cc2c1f5f4cc464763508a1f55116c815c5a5e3e5da44b8dcb5e62a07557cb919

Download Submit
\Users\Admin\AppData\Local\Temp\yb385F.tmp

Filesize
155.2MB

MD5
9a1480ecca891dc9dc2ae1d99ae244ad

SHA1
2dfaaa7604f4ddb416f17f5f7a82e69a7772b4d5

SHA256
f4bb2a7c5e8aaf350c9f035adaff91d6474a6076d8c3d19bfc83357a48a411a6

SHA512
5c24f8abc4c83df807a59444eb73ef6b3c6816bcff8cc976edec6d7373ab3bf22551c54e38cc4cdd095f559dc42f35e52803b3425b57e43c714801bc5d451d3b

Download Submit
\Users\Admin\AppData\Local\Temp\yb385F.tmp

Filesize
155.2MB

MD5
9a1480ecca891dc9dc2ae1d99ae244ad

SHA1
2dfaaa7604f4ddb416f17f5f7a82e69a7772b4d5

SHA256
f4bb2a7c5e8aaf350c9f035adaff91d6474a6076d8c3d19bfc83357a48a411a6

SHA512
5c24f8abc4c83df807a59444eb73ef6b3c6816bcff8cc976edec6d7373ab3bf22551c54e38cc4cdd095f559dc42f35e52803b3425b57e43c714801bc5d451d3b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads